libvncserver vulnerabilities
A security issue affects these releases of Ubuntu and its
derivatives:
* Ubuntu 20.04 LTS
* Ubuntu 18.04 LTS
* Ubuntu 16.04 LTS
Summary
Several security issues were fixed in LibVNCServer.
Software Description
* libvncserver - vnc server library
Details
Ramin Farajpour Cami discovered that LibVNCServer incorrectly
handled certain malformed unix socket names. A remote attacker
could exploit this with a crafted socket name, leading to a denial
of service, or possibly execute arbitrary code. (CVE-2019-20839)
It was discovered that LibVNCServer did not properly access
byte-aligned data. A remote attacker could possibly use this issue
to cause LibVNCServer to crash, resulting in a denial of service.
This issue only affected Ubuntu 18.04 LTS and Ubuntu 16.04 LTS.
(CVE-2019-20840)
Christian Beier discovered that LibVNCServer incorrectly handled
anonymous TLS connections. A remote attacker could possibly use
this issue to cause LibVNCServer to crash, resulting in a denial
of service. This issue only affected Ubuntu 20.04 LTS.
(CVE-2020-14396)
It was discovered that LibVNCServer incorrectly handled region
clipping. A remote attacker could possibly use this issue to cause
LibVNCServer to crash, resulting in a denial of service.
(CVE-2020-14397)
It was discovered that LibVNCServer did not properly reset
incorrectly terminated TCP connections. A remote attacker could
possibly use this issue to cause an infinite loop, resulting in a
denial of service. (CVE-2020-14398)
It was discovered that LibVNCServer did not properly access
byte-aligned data. A remote attacker could possibly use this issue
to cause LibVNCServer to crash, resulting in a denial of service.
(CVE-2020-14399, CVE-2020-14400)
It was discovered that LibVNCServer incorrectly handled screen
scaling on the server side. A remote attacker could use this issue
to cause LibVNCServer to crash, resulting in a denial of service,
or possibly execute arbitrary code. (CVE-2020-14401)
It was discovered that LibVNCServer incorrectly handled encodings.
A remote attacker could use this issue to cause LibVNCServer to
crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2020-14402, CVE-2020-14403, CVE-2020-14404)
It was discovered that LibVNCServer incorrectly handled TextChat
messages. A remote attacker could possibly use this issue to cause
LibVNCServer to crash, resulting in a denial of service.
(CVE-2020-14405)
Update instructions
The problem can be corrected by updating your system to the
following package versions:
Ubuntu 20.04 LTS
libvncclient1 - 0.9.12+dfsg-9ubuntu0.2
libvncserver1 - 0.9.12+dfsg-9ubuntu0.2
Ubuntu 18.04 LTS
libvncclient1 - 0.9.11+dfsg-1ubuntu1.3
libvncserver1 - 0.9.11+dfsg-1ubuntu1.3
Ubuntu 16.04 LTS
libvncclient1 - 0.9.10+dfsg-3ubuntu0.16.04.5
libvncserver1 - 0.9.10+dfsg-3ubuntu0.16.04.5
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to restart LibVNCServer
applications to make all the necessary changes.
References
* CVE-2019-20839
* CVE-2019-20840
* CVE-2020-14396
* CVE-2020-14397
* CVE-2020-14398
* CVE-2020-14399
* CVE-2020-14400
* CVE-2020-14401
* CVE-2020-14402
* CVE-2020-14403
* CVE-2020-14404
* CVE-2020-14405
--- Mystic BBS v1.12 A45 (Linux/64)
* Origin: BZ&BZ BBS (21:4/110)