libvncserver.so is vulnerable to an out-of-bounds write. The vulnerability is caused by improper memory allocation and handling of the length variable in the rfbProcessFileTransferReadBuffer function in libvncserver/rfbserver.c.
access.redhat.com/errata/RHSA-2019:0059
github.com/LibVNC/libvncserver/issues/243
ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-028-libvnc-heap-out-of-bound-write/
lists.debian.org/debian-lts-announce/2018/12/msg00017.html
lists.debian.org/debian-lts-announce/2019/10/msg00042.html
usn.ubuntu.com/3877-1/
usn.ubuntu.com/4547-1/
usn.ubuntu.com/4587-1/
www.debian.org/security/2019/dsa-4383