Date: Sun, 18 Feb 2018 14:26:02 -0800 From: Anthony Liguori <anthony@...emonkey.ws> To: oss-security@...ts.openwall.com Subject: Re: LibVNCServer rfbserver.c: rfbProcessClientNormalMessage() case rfbClientCutText doesn't sanitize msg.cct.length FWIW, QEMU had a similar issue a few years ago. There's no shared code, but I bet your test case would have worked there too. https://access.redhat.com/security/cve/cve-2015-5239 Regards, Anthony Liguori
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ