CVE-2020-14400

An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. NOTE: Third parties do not consider this to be a vulnerability as there is no known path of exploitation or cross of a trust boundary
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 85%
Affected Products (NVD)
VendorProductVersion
libvncserver_projectlibvncserver
𝑥
< 0.9.13
debiandebian_linux
8.0
debiandebian_linux
9.0
opensuseleap
15.1
opensuseleap
15.2
canonicalubuntu_linux
16.04
canonicalubuntu_linux
18.04
canonicalubuntu_linux
20.04
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libvncserver
bookworm
0.9.14+dfsg-1
fixed
bullseye
0.9.13+dfsg-2+deb11u1
fixed
sid
0.9.14+dfsg-1
fixed
trixie
0.9.14+dfsg-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
libvncserver
bionic
Fixed 0.9.11+dfsg-1ubuntu1.3
released
eoan
ignored
focal
Fixed 0.9.12+dfsg-9ubuntu0.2
released
groovy
not-affected
hirsute
not-affected
impish
not-affected
jammy
not-affected
kinetic
not-affected
lunar
not-affected
mantic
not-affected
noble
not-affected
trusty
dne
xenial
Fixed 0.9.10+dfsg-3ubuntu0.16.04.5
released
veyon
bionic
dne
eoan
ignored
focal
not-affected
groovy
ignored
hirsute
ignored
impish
ignored
jammy
not-affected
kinetic
ignored
lunar
ignored
mantic
ignored
noble
not-affected
trusty
dne
xenial
dne
x11vnc
bionic
not-affected
eoan
ignored
focal
not-affected
groovy
ignored
hirsute
ignored
impish
ignored
jammy
not-affected
kinetic
ignored
lunar
ignored
mantic
ignored
noble
not-affected
trusty
not-affected
xenial
not-affected
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libvncclient0
suse enterprise desktop 15 SP2
0.9.10-4.22.1
fixed
suse enterprise desktop 15 SP3
0.9.10-4.22.1
fixed
suse enterprise sap 12 SP2
0.9.9-17.31.1
fixed
suse enterprise sap 12 SP3
0.9.9-17.31.1
fixed
suse enterprise sap 12 SP4
0.9.9-17.31.1
fixed
suse enterprise sap 12 SP5
0.9.9-17.31.1
fixed
suse enterprise sap 15 SP2
0.9.10-4.22.1
fixed
suse enterprise sap 15 SP3
0.9.10-4.22.1
fixed
suse enterprise server 12 SP2
0.9.9-17.31.1
fixed
suse enterprise server 12 SP3
0.9.9-17.31.1
fixed
suse enterprise server 12 SP4
0.9.9-17.31.1
fixed
suse enterprise server 12 SP5
0.9.9-17.31.1
fixed
suse enterprise server 15 SP2
0.9.10-4.22.1
fixed
suse enterprise server 15 SP3
0.9.10-4.22.1
fixed
suse enterprise workstation 15 SP2
0.9.10-4.22.1
fixed
suse enterprise workstation 15 SP3
0.9.10-4.22.1
fixed
libvncclient1
suse enterprise desktop 15 SP4
0.9.13-150400.1.9
fixed
suse enterprise sap 15 SP4
0.9.13-150400.1.9
fixed
suse enterprise server 15 SP4
0.9.13-150400.1.9
fixed
suse enterprise workstation 15 SP4
0.9.13-150400.1.9
fixed
libvncserver0
suse enterprise desktop 15 SP2
0.9.10-4.22.1
fixed
suse enterprise desktop 15 SP3
0.9.10-4.22.1
fixed
suse enterprise sap 12 SP2
0.9.9-17.31.1
fixed
suse enterprise sap 12 SP3
0.9.9-17.31.1
fixed
suse enterprise sap 12 SP4
0.9.9-17.31.1
fixed
suse enterprise sap 12 SP5
0.9.9-17.31.1
fixed
suse enterprise sap 15 SP2
0.9.10-4.22.1
fixed
suse enterprise sap 15 SP3
0.9.10-4.22.1
fixed
suse enterprise server 12 SP2
0.9.9-17.31.1
fixed
suse enterprise server 12 SP3
0.9.9-17.31.1
fixed
suse enterprise server 12 SP4
0.9.9-17.31.1
fixed
suse enterprise server 12 SP5
0.9.9-17.31.1
fixed
suse enterprise server 15 SP2
0.9.10-4.22.1
fixed
suse enterprise server 15 SP3
0.9.10-4.22.1
fixed
suse enterprise workstation 15 SP2
0.9.10-4.22.1
fixed
suse enterprise workstation 15 SP3
0.9.10-4.22.1
fixed
libvncserver1
suse enterprise desktop 15 SP4
0.9.13-150400.1.9
fixed
suse enterprise sap 15 SP4
0.9.13-150400.1.9
fixed
suse enterprise server 15 SP4
0.9.13-150400.1.9
fixed
suse enterprise workstation 15 SP4
0.9.13-150400.1.9
fixed
References
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00033.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00055.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00066.html
https://bugzilla.redhat.com/show_bug.cgi?id=1860361
https://github.com/LibVNC/libvncserver/commit/53073c8d7e232151ea2ecd8a1243124121e10e2d
https://github.com/LibVNC/libvncserver/compare/LibVNCServer-0.9.12...LibVNCServer-0.9.13
https://lists.debian.org/debian-lts-announce/2020/06/msg00035.html
https://lists.debian.org/debian-lts-announce/2020/08/msg00045.html
https://usn.ubuntu.com/4434-1/
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00033.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00055.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00066.html
https://bugzilla.redhat.com/show_bug.cgi?id=1860361
https://github.com/LibVNC/libvncserver/commit/53073c8d7e232151ea2ecd8a1243124121e10e2d
https://github.com/LibVNC/libvncserver/compare/LibVNCServer-0.9.12...LibVNCServer-0.9.13
https://lists.debian.org/debian-lts-announce/2020/06/msg00035.html
https://lists.debian.org/debian-lts-announce/2020/08/msg00045.html
https://usn.ubuntu.com/4434-1/