{"id":"MGASA-2019-0037","summary":"Updated libvncserver & x11vnc packages fix security vulnerabilities","details":"A heap use-after-free vulnerability in the server code of the file\ntransfer extension, which can result in remote code execution. This\nattack appears to be exploitable via network connectivity\n(CVE-2018-6307).\n\nA heap use-after-free vulnerability in the server code of the file\ntransfer extension, which can result in remote code execution. This\nattack appears to be exploitable via network connectivity\n(CVE-2018-15126).\n\nA heap out-of-bound write vulnerability in the server code of the file\ntransfer extension, which can result in remote code execution. This\nattack appears to be exploitable via network connectivity\n(CVE-2018-15127).\n\nMultiple heap out-of-bound write vulnerabilities in VNC client code,\nwhich can result in remote code execution (CVE-2018-20019).\n\nHeap out-of-bound write vulnerability in a structure in VNC client code,\nwhich can result in remote code execution (CVE-2018-20020).\n\nInfinite Loop vulnerability in VNC client code. The vulnerability could\nallow an attacker to consume an excessive amount of resources, such as\nCPU and RAM (CVE-2018-20021).\n\nImproper Initialization weaknesses in VNC client code, which could allow\nan attacker to read stack memory and can be abused for information\ndisclosure. Combined with another vulnerability, it can be used to leak\nstack memory layout and bypass ASLR (CVE-2018-20022).\n\nImproper Initialization vulnerability in VNC Repeater client code, which\ncould allow an attacker to read stack memory and can be abused for\ninformation disclosure. Combined with another vulnerability, it can be\nused to leak stack memory layout and bypass ASLR (CVE-2018-20023).\n\nA null pointer dereference in VNC client code, which can result in DoS\n(CVE-2018-20024).\n","modified":"2026-04-16T06:22:49.228332068Z","published":"2019-01-15T22:15:34Z","upstream":["CVE-2018-15126","CVE-2018-15127","CVE-2018-20019","CVE-2018-20020","CVE-2018-20021","CVE-2018-20022","CVE-2018-20023","CVE-2018-20024","CVE-2018-6307"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2019-0037.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=24177"},{"type":"WEB","url":"https://github.com/LibVNC/libvncserver/releases/tag/LibVNCServer-0.9.12"},{"type":"WEB","url":"https://github.com/LibVNC/x11vnc/releases/tag/0.9.15"},{"type":"WEB","url":"https://github.com/LibVNC/x11vnc/releases/tag/0.9.16"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2018/12/msg00017.html"},{"type":"WEB","url":"https://lists.opensuse.org/opensuse-updates/2019-01/msg00027.html"}],"affected":[{"package":{"name":"libvncserver","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/libvncserver?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.9.12-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0037.json"}},{"package":{"name":"x11vnc","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/x11vnc?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.9.16-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0037.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}