Red Hat Security Advisory 2021-1811-01 - LibVNCServer is a C library that enables you to implement VNC server functionality into own programs. Issues addressed include buffer overflow, denial of service, information leakage, and null pointer vulnerabilities.
989c7c7a8b862491fda2080a22ef46eea64cdd2291abf9a2c70ec3dde79b59f1
Ubuntu Security Notice 4434-1 - Ramin Farajpour Cami discovered that LibVNCServer incorrectly handled certain malformed unix socket names. A remote attacker could exploit this with a crafted socket name, leading to a denial of service, or possibly execute arbitrary code. It was discovered that LibVNCServer did not properly access byte-aligned data. A remote attacker could possibly use this issue to cause LibVNCServer to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.
5d42906ccf648239aa74d400a8d658ef74c822baa65311e803beacdd0ea77dbb