Description: CVE-2018-20021
CWE-835: Infinite loop vulnerability in VNC client code. The vulnerability allows
an attacker to consume an excessive amount of resources like CPU and RAM
---
Author: Abhijith PA <abhijith@debian.org>
Origin: https://github.com/LibVNC/libvncserver/commit/c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c
Bug: https://github.com/LibVNC/libvncserver/issues/251
Bug-Debian: https://bugs.debian.org/916941
Last-Update: 2018-12-23
--- a/vnc_unixsrc/vncviewer/rfbproto.c
+++ b/vnc_unixsrc/vncviewer/rfbproto.c
@@ -3156,7 +3156,7 @@
if (db) fprintf(stderr, "Raw: %dx%d+%d+%d\n", rect.r.w, rect.r.h, rect.r.x, rect.r.y);
area_raw += rect.r.w * rect.r.h;
- while (rect.r.h > 0) {
+ while (linesToRead && rect.r.h > 0) {
if (linesToRead > rect.r.h) {
linesToRead = rect.r.h;
}
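Review bot: The new guard in `while (linesToRead && rect.r.h > 0)` ends the loop silently when `linesToRead` is 0, so the code after the loop runs with `rect.r.h` still positive and the rectangle's pixel data unread. The computation of `linesToRead` is outside this hunk, but a zero value here means the rectangle cannot be processed at all. That case is better handled as an explicit protocol error before the loop: log the offending `rect.r.w` and `rect.r.h` and return failure to the caller, rather than falling through as if the rectangle had been handled. A short comment on the condition saying why `linesToRead` can be 0 would also help, since the clamp `if (linesToRead > rect.r.h)` just below suggests it is always at least 1.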