Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
EUVDB-ID: #VU16692
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-20337
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp. A remote attacker can trick the victim into opening a specially crafted input, trigger memory corruption and perform DoS attack.
MitigationInstall updates from vendor's website.
libvncserver (Red Hat package): 0.9.11-9.el8_0.2 - 0.9.11-9.el8_1.2
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
gnome-boxes (Red Hat package): 3.28.5-7.el8
nautilus (Red Hat package): 3.28.1-10.el8
mutter (Red Hat package): 3.32.2-10.el8
mozjs60 (Red Hat package): 60.9.0-3.el8
gtk3 (Red Hat package): 3.22.30-4.el8
gsettings-desktop-schemas (Red Hat package): 3.32.0-3.el8
gnome-tweaks (Red Hat package): 3.28.1-6.el8
gnome-software (Red Hat package): 3.30.6-2.el8
gnome-shell (Red Hat package): 3.32.2-9.el8
gnome-settings-daemon (Red Hat package): 3.32.0-4.el8
gnome-remote-desktop (Red Hat package): 0.1.6-5.el8
gnome-control-center (Red Hat package): 3.28.2-5.el8
gjs (Red Hat package): 1.56.2-3.el8
gdm (Red Hat package): 3.28.3-22.el8
evince (Red Hat package): 3.28.4-3.el8
appstream-data (Red Hat package): 8-20190805.el8
accountsservice (Red Hat package): 0.6.50-7.el8
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
vala (Red Hat package): before 0.40.19-1.el8
vinagre (Red Hat package): before 3.22.0-21.el8
mozjs52 (Red Hat package): before 52.9.0-2.el8
libxslt (Red Hat package): before 1.1.32-4.el8
gnome-terminal (Red Hat package): before 3.28.3-1.el8
gnome-session (Red Hat package): before 3.28.1-8.el8
gnome-online-accounts (Red Hat package): before 3.28.2-1.el8
gnome-menus (Red Hat package): before 3.13.3-11.el8
clutter (Red Hat package): before 1.26.2-8.el8
LibRaw (Red Hat package): before 0.19.5-1.el8
External linkshttp://access.redhat.com/errata/RHSA-2020:1766
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU17666
Risk: Low
CVSSv3.1: 3.6 [CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-3825
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a physical attacker to bypass security restrictions on the system.
The vulnerability exists due to improper security restrictions imposed by the affected software when timed login is enabled. A local attacker with physical access can select the timed login user and wait for the timer to expire that allows to bypass security restrictions and gain access to the logged-in user’s session on the targeted system.
MitigationInstall updates from vendor's website.
libvncserver (Red Hat package): 0.9.11-9.el8_0.2 - 0.9.11-9.el8_1.2
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
gnome-boxes (Red Hat package): 3.28.5-7.el8
nautilus (Red Hat package): 3.28.1-10.el8
mutter (Red Hat package): 3.32.2-10.el8
mozjs60 (Red Hat package): 60.9.0-3.el8
gtk3 (Red Hat package): 3.22.30-4.el8
gsettings-desktop-schemas (Red Hat package): 3.32.0-3.el8
gnome-tweaks (Red Hat package): 3.28.1-6.el8
gnome-software (Red Hat package): 3.30.6-2.el8
gnome-shell (Red Hat package): 3.32.2-9.el8
gnome-settings-daemon (Red Hat package): 3.32.0-4.el8
gnome-remote-desktop (Red Hat package): 0.1.6-5.el8
gnome-control-center (Red Hat package): 3.28.2-5.el8
gjs (Red Hat package): 1.56.2-3.el8
gdm (Red Hat package): 3.28.3-22.el8
evince (Red Hat package): 3.28.4-3.el8
appstream-data (Red Hat package): 8-20190805.el8
accountsservice (Red Hat package): 0.6.50-7.el8
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
vala (Red Hat package): before 0.40.19-1.el8
vinagre (Red Hat package): before 3.22.0-21.el8
mozjs52 (Red Hat package): before 52.9.0-2.el8
libxslt (Red Hat package): before 1.1.32-4.el8
gnome-terminal (Red Hat package): before 3.28.3-1.el8
gnome-session (Red Hat package): before 3.28.1-8.el8
gnome-online-accounts (Red Hat package): before 3.28.2-1.el8
gnome-menus (Red Hat package): before 3.13.3-11.el8
clutter (Red Hat package): before 1.26.2-8.el8
LibRaw (Red Hat package): before 0.19.5-1.el8
External linkshttp://access.redhat.com/errata/RHSA-2020:1766
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU18678
Risk: Critical
CVSSv3.1: 9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-12447
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to escalate privileges on the system.
The vulnerability exists due to functionality in the daemon/gvfsbackendadmin.c file doesn't make use of "setfsuid" call when handling ownership permissions. A remote attacker can gain unauthorized access to arbitrary files on a system.
MitigationInstall updates from vendor's website.
libvncserver (Red Hat package): 0.9.11-9.el8_0.2 - 0.9.11-9.el8_1.2
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
gnome-boxes (Red Hat package): 3.28.5-7.el8
nautilus (Red Hat package): 3.28.1-10.el8
mutter (Red Hat package): 3.32.2-10.el8
mozjs60 (Red Hat package): 60.9.0-3.el8
gtk3 (Red Hat package): 3.22.30-4.el8
gsettings-desktop-schemas (Red Hat package): 3.32.0-3.el8
gnome-tweaks (Red Hat package): 3.28.1-6.el8
gnome-software (Red Hat package): 3.30.6-2.el8
gnome-shell (Red Hat package): 3.32.2-9.el8
gnome-settings-daemon (Red Hat package): 3.32.0-4.el8
gnome-remote-desktop (Red Hat package): 0.1.6-5.el8
gnome-control-center (Red Hat package): 3.28.2-5.el8
gjs (Red Hat package): 1.56.2-3.el8
gdm (Red Hat package): 3.28.3-22.el8
evince (Red Hat package): 3.28.4-3.el8
appstream-data (Red Hat package): 8-20190805.el8
accountsservice (Red Hat package): 0.6.50-7.el8
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
vala (Red Hat package): before 0.40.19-1.el8
vinagre (Red Hat package): before 3.22.0-21.el8
mozjs52 (Red Hat package): before 52.9.0-2.el8
libxslt (Red Hat package): before 1.1.32-4.el8
gnome-terminal (Red Hat package): before 3.28.3-1.el8
gnome-session (Red Hat package): before 3.28.1-8.el8
gnome-online-accounts (Red Hat package): before 3.28.2-1.el8
gnome-menus (Red Hat package): before 3.13.3-11.el8
clutter (Red Hat package): before 1.26.2-8.el8
LibRaw (Red Hat package): before 0.19.5-1.el8
External linkshttp://access.redhat.com/errata/RHSA-2020:1766
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU18677
Risk: High
CVSSv3.1: 7.4 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-12448
Exploit availability: No
DescriptionInstall updates from vendor's website.
libvncserver (Red Hat package): 0.9.11-9.el8_0.2 - 0.9.11-9.el8_1.2
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
gnome-boxes (Red Hat package): 3.28.5-7.el8
nautilus (Red Hat package): 3.28.1-10.el8
mutter (Red Hat package): 3.32.2-10.el8
mozjs60 (Red Hat package): 60.9.0-3.el8
gtk3 (Red Hat package): 3.22.30-4.el8
gsettings-desktop-schemas (Red Hat package): 3.32.0-3.el8
gnome-tweaks (Red Hat package): 3.28.1-6.el8
gnome-software (Red Hat package): 3.30.6-2.el8
gnome-shell (Red Hat package): 3.32.2-9.el8
gnome-settings-daemon (Red Hat package): 3.32.0-4.el8
gnome-remote-desktop (Red Hat package): 0.1.6-5.el8
gnome-control-center (Red Hat package): 3.28.2-5.el8
gjs (Red Hat package): 1.56.2-3.el8
gdm (Red Hat package): 3.28.3-22.el8
evince (Red Hat package): 3.28.4-3.el8
appstream-data (Red Hat package): 8-20190805.el8
accountsservice (Red Hat package): 0.6.50-7.el8
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
vala (Red Hat package): before 0.40.19-1.el8
vinagre (Red Hat package): before 3.22.0-21.el8
mozjs52 (Red Hat package): before 52.9.0-2.el8
libxslt (Red Hat package): before 1.1.32-4.el8
gnome-terminal (Red Hat package): before 3.28.3-1.el8
gnome-session (Red Hat package): before 3.28.1-8.el8
gnome-online-accounts (Red Hat package): before 3.28.2-1.el8
gnome-menus (Red Hat package): before 3.13.3-11.el8
clutter (Red Hat package): before 1.26.2-8.el8
LibRaw (Red Hat package): before 0.19.5-1.el8
External linkshttp://access.redhat.com/errata/RHSA-2020:1766
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU18676
Risk: Critical
CVSSv3.1: 9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-12449
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to escalate privileges on the system.
The vulnerability exists due to mishandling of file user and group ownership in the daemon/gvfsbackendadmin.c file. Operations "G_FILE_COPY_ALL_METADATA" from admin:// URIs to file:// URIs during move-and-copy are handled by the Gnome Input/Output (GIO) fallback code, which does not run with root permissions. A remote attacker can gain unauthorized access to arbitrary file information on a system.
MitigationInstall updates from vendor's website.
libvncserver (Red Hat package): 0.9.11-9.el8_0.2 - 0.9.11-9.el8_1.2
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
gnome-boxes (Red Hat package): 3.28.5-7.el8
nautilus (Red Hat package): 3.28.1-10.el8
mutter (Red Hat package): 3.32.2-10.el8
mozjs60 (Red Hat package): 60.9.0-3.el8
gtk3 (Red Hat package): 3.22.30-4.el8
gsettings-desktop-schemas (Red Hat package): 3.32.0-3.el8
gnome-tweaks (Red Hat package): 3.28.1-6.el8
gnome-software (Red Hat package): 3.30.6-2.el8
gnome-shell (Red Hat package): 3.32.2-9.el8
gnome-settings-daemon (Red Hat package): 3.32.0-4.el8
gnome-remote-desktop (Red Hat package): 0.1.6-5.el8
gnome-control-center (Red Hat package): 3.28.2-5.el8
gjs (Red Hat package): 1.56.2-3.el8
gdm (Red Hat package): 3.28.3-22.el8
evince (Red Hat package): 3.28.4-3.el8
appstream-data (Red Hat package): 8-20190805.el8
accountsservice (Red Hat package): 0.6.50-7.el8
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
vala (Red Hat package): before 0.40.19-1.el8
vinagre (Red Hat package): before 3.22.0-21.el8
mozjs52 (Red Hat package): before 52.9.0-2.el8
libxslt (Red Hat package): before 1.1.32-4.el8
gnome-terminal (Red Hat package): before 3.28.3-1.el8
gnome-session (Red Hat package): before 3.28.1-8.el8
gnome-online-accounts (Red Hat package): before 3.28.2-1.el8
gnome-menus (Red Hat package): before 3.13.3-11.el8
clutter (Red Hat package): before 1.26.2-8.el8
LibRaw (Red Hat package): before 0.19.5-1.el8
External linkshttp://access.redhat.com/errata/RHSA-2020:1766
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.