CVE-2017-18922

NameCVE-2017-18922
DescriptionIt was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severityhigh

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
libvncserver (PTS)stretch0.9.11+dfsg-1.3~deb9u4vulnerable
stretch (security)0.9.11+dfsg-1.3~deb9u5vulnerable
buster0.9.11+dfsg-1.3+deb10u4vulnerable
bullseye, sid0.9.13+dfsg-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
libvncserversource(unstable)0.9.12+dfsg-3

Notes

[buster] - libvncserver <ignored> (Required change too invasive, minor issue)
[stretch] - libvncserver <ignored> (Required change too invasive, minor issue)
https://github.com/LibVNC/libvncserver/commit/aac95a9dcf4bbba87b76c72706c3221a842ca433
https://www.openwall.com/lists/oss-security/2020/06/30/2

Search for package or bug name: Reporting problems