Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 756841 (CVE-2020-29074) - <x11-misc/x11vnc-0.9.16-r4: Insecure permissions on shm (CVE-2020-29074)
Summary: <x11-misc/x11vnc-0.9.16-r4: Insecure permissions on shm (CVE-2020-29074)
Status: IN_PROGRESS
Alias: CVE-2020-29074
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://github.com/LibVNC/x11vnc/comm...
Whiteboard: C3 [glsa?]
Keywords: CC-ARCHES, PullRequest
Depends on:
Blocks:
 
Reported: 2020-11-26 16:39 UTC by Sam James
Modified: 2020-12-26 21:00 UTC (History)
2 users (show)

See Also:
Package list:
x11-misc/x11vnc-0.9.16-r4
Runtime testing required: ---
nattka: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sam James archtester gentoo-dev Security 2020-11-26 16:39:45 UTC
"scan.c in x11vnc 0.9.16 uses IPC_CREAT|0777 in shmget calls, which allows access by actors other than the current user."

Patch linked.
Comment 1 Sam James archtester gentoo-dev Security 2020-11-26 16:40:19 UTC
Please apply the linked patch. Thanks!
Comment 2 Larry the Git Cow gentoo-dev 2020-12-07 07:36:34 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=10d026e0af2445f2a4b6f922486795ede8ef4907

commit 10d026e0af2445f2a4b6f922486795ede8ef4907
Author:     Alexander Tsoy <alexander@tsoy.me>
AuthorDate: 2020-11-27 16:50:50 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2020-12-07 07:34:45 +0000

    x11-misc/x11vnc: security bump for CVE-2020-29074
    
    Bug: https://bugs.gentoo.org/756841
    Signed-off-by: Alexander Tsoy <alexander@tsoy.me>
    Closes: https://github.com/gentoo/gentoo/pull/18432
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 .../files/x11vnc-0.9.16-CVE-2020-29074.patch       | 25 +++++++
 x11-misc/x11vnc/x11vnc-0.9.16-r4.ebuild            | 81 ++++++++++++++++++++++
 2 files changed, 106 insertions(+)
Comment 3 John Helmert III gentoo-dev Security 2020-12-07 07:43:00 UTC
Please let us know when ready to stable.
Comment 4 Alexander Tsoy 2020-12-07 16:13:48 UTC
Please go ahead.
Comment 5 Rolf Eike Beer 2020-12-10 19:26:29 UTC
sparc stable
Comment 6 Thomas Deutschmann gentoo-dev Security 2020-12-10 21:42:36 UTC
x86 stable
Comment 7 Sam James archtester gentoo-dev Security 2020-12-11 22:10:09 UTC
arm done
Comment 8 Sergei Trofimovich gentoo-dev 2020-12-11 23:24:07 UTC
ppc/ppc64 stable
Comment 9 Sam James archtester gentoo-dev Security 2020-12-15 10:35:29 UTC
amd64 done
Comment 10 Sergei Trofimovich gentoo-dev 2020-12-23 22:48:26 UTC
hppa stable

Last arch. Closing.
Comment 11 Sam James archtester gentoo-dev Security 2020-12-23 22:49:24 UTC
Please cleanup, thanks!
Comment 12 Larry the Git Cow gentoo-dev 2020-12-26 20:54:44 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=247076038706da75eea7ecc2ba423b87cd0eead0

commit 247076038706da75eea7ecc2ba423b87cd0eead0
Author:     Alexander Tsoy <alexander@tsoy.me>
AuthorDate: 2020-12-23 22:53:30 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2020-12-26 20:54:19 +0000

    x11-misc/x11vnc: security cleanup
    
    Bug: https://bugs.gentoo.org/756841
    Signed-off-by: Alexander Tsoy <alexander@tsoy.me>
    Closes: https://github.com/gentoo/gentoo/pull/18797
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 x11-misc/x11vnc/x11vnc-0.9.16-r2.ebuild | 75 -------------------------------
 x11-misc/x11vnc/x11vnc-0.9.16-r3.ebuild | 80 ---------------------------------
 2 files changed, 155 deletions(-)
Comment 13 Sam James archtester gentoo-dev Security 2020-12-26 21:00:27 UTC
Thanks!