Upstream information
Description
The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when tight encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via crafted dimensions in a framebuffer update request that triggers an out-of-bounds read operation.NVD CVSS v2 Base Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
Novell/SUSE information
Novell Bugzilla entries: 690238, 691207, 691356 SUSE Security Advisories:- SUSE-SR:2011:009, published Tue, 17 May 2011 10:00:00 +0000
- openSUSE-SU-2011:0481-1, published Thu, 12 May 2011 20:08:21 +0200 (CEST)
List of released packages
| Product(s) | Fixed package version(s) | References |
|---|---|---|
| SUSE Linux Enterprise Server 10 SP3 DEBUGINFO |
| sles10-sp3.x86-64 sles10-sp3-debuginfo.s390x sles10-sp3.x86 sles10-sp3.ia64 sles10-sp3-debuginfo.ppc sles10-sp3-debuginfo.x86-64 sles10-sp3-debuginfo.ia64 sles10-sp3.s390x sles10-sp3.ppc sles10-sp3-debuginfo.x86 ZYPP Patch Nr: 7532 |
| SUSE Linux Enterprise SDK 10 SP3 SUSE Linux Enterprise Server 10 SP3 SUSE Linux Enterprise Server for SAP 10 SP3 |
| sles10-sp3.x86-64 sles10-sp3-debuginfo.s390x sles10-sp3.x86 sles10-sp3.ia64 sles10-sp3-debuginfo.ppc sles10-sp3-debuginfo.x86-64 sles10-sp3-debuginfo.ia64 sles10-sp3.s390x sles10-sp3.ppc sles10-sp3-debuginfo.x86 ZYPP Patch Nr: 7532 |
| SLE 11 SP1 DEBUGINFO |
| sles11-sp1.ppc sles11-sp1.x86 sled11-sp1.x86-64 sles11-sp1.s390x sles11-sp1.x86-64 sles11-sp1-vmware.x86 sled11-sp1.x86 sles11-sp1.ia64 sles11-sp1-vmware.x86-64 SAT Patch Nr: 4575 |
| SUSE Linux Enterprise Desktop 11 SP1 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP1 for VMware |
| sles11-sp1.ppc sles11-sp1.x86 sled11-sp1.x86-64 sles11-sp1.s390x sles11-sp1.x86-64 sles11-sp1-vmware.x86 sled11-sp1.x86 sles11-sp1.ia64 sles11-sp1-vmware.x86-64 SAT Patch Nr: 4575 |
| SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T SUSE Linux Enterprise Desktop 10 SP4 for x86 SUSE Linux Enterprise Server 10 SP4 for AMD64 and Intel EM64T SUSE Linux Enterprise Server 10 SP4 for IBM POWER SUSE Linux Enterprise Server 10 SP4 for IBM zSeries 64bit SUSE Linux Enterprise Server 10 SP4 for IPF SUSE Linux Enterprise Server 10 SP4 for x86 |
| sled10-sp4.x86-64 sled10-sp4.x86 sles10-sp4.s390x sles10-sp4-debuginfo.ppc sles10-sp4.x86 sles10-sp4-debuginfo.s390x sles10-sp4-debuginfo.x86 sles10-sp4.x86-64 sles10-sp4.ppc sles10-sp4.ia64 sles10-sp4-debuginfo.x86-64 sles10-sp4-debuginfo.ia64 ZYPP Patch Nr: 7531 |
| SUSE Linux Enterprise 10 SP4 DEBUGINFO for AMD64 and Intel EM64T SUSE Linux Enterprise 10 SP4 DEBUGINFO for IBM POWER SUSE Linux Enterprise 10 SP4 DEBUGINFO for IBM zSeries 64bit SUSE Linux Enterprise 10 SP4 DEBUGINFO for IPF SUSE Linux Enterprise 10 SP4 DEBUGINFO for x86 |
| sled10-sp4.x86-64 sled10-sp4.x86 sles10-sp4.s390x sles10-sp4-debuginfo.ppc sles10-sp4.x86 sles10-sp4-debuginfo.s390x sles10-sp4-debuginfo.x86 sles10-sp4.x86-64 sles10-sp4.ppc sles10-sp4.ia64 sles10-sp4-debuginfo.x86-64 sles10-sp4-debuginfo.ia64 ZYPP Patch Nr: 7531 |
| openSUSE 11.2 |
| |
| openSUSE 11.2 |
| |
| openSUSE 11.3 |
| |
| openSUSE 11.3 |
| |
| openSUSE 11.4 DEBUGINFO |
| |
| openSUSE 11.4 |
|