[Buildroot] [PATCH 1/1] package/x11vnc: fix CVE-2020-29074

Thomas Petazzoni thomas.petazzoni at bootlin.com
Sat Dec 5 20:32:59 UTC 2020


On Thu,  3 Dec 2020 21:10:13 +0100
Fabrice Fontaine <fontaine.fabrice at gmail.com> wrote:

> scan.c in x11vnc 0.9.16 uses IPC_CREAT|0777 in shmget calls, which
> allows access by actors other than the current user.
> 
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
> ---
>  ...ared-memory-segments-to-current-user.patch | 25 +++++++++++++++++++
>  1 file changed, 25 insertions(+)
>  create mode 100644 package/x11vnc/0002-scan-limit-access-to-shared-memory-segments-to-current-user.patch

You have forgotten to update X11VNC_IGNORE_CVES, so I did that when
applying. Thanks!

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
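The permission issue described in the quoted commit message, as an added example that is not part of the original message or of the x11vnc patch: it creates one System V segment with the `IPC_CREAT|0777` flags named above and one with an owner-only mode, then reads the resulting mode back with `IPC_STAT`. The value `0600`, the segment size and the function names are assumptions made for illustration.

```c
/* Added example: compare SysV shared-memory segments created with
 * IPC_CREAT|0777 (the mode named in the commit message) and with an
 * owner-only mode (0600 is assumed here). */
#include <stdio.h>
#include <sys/ipc.h>
#include <sys/shm.h>
#include <sys/stat.h>

#define SEG_SIZE 4096   /* arbitrary sample size */

/* Create a private segment with the given permission bits, read the mode
 * back with IPC_STAT, then remove the segment. Returns the low nine
 * permission bits, or -1 on error. shmget() does not apply the umask. */
int segment_mode(int perms)
{
    struct shmid_ds ds;
    int mode = -1;
    int id = shmget(IPC_PRIVATE, SEG_SIZE, IPC_CREAT | perms);

    if (id == -1)
        return -1;
    if (shmctl(id, IPC_STAT, &ds) == 0)
        mode = ds.shm_perm.mode & 0777;
    shmctl(id, IPC_RMID, NULL);   /* always remove the test segment */
    return mode;
}

/* Non-zero when group or other users are granted any access. */
int exposed_to_others(int mode)
{
    return (mode & (S_IRWXG | S_IRWXO)) != 0;
}

int main(void)
{
    int modes[] = { 0777, 0600 };

    for (size_t i = 0; i < 2; i++) {
        int m = segment_mode(modes[i]);
        if (m < 0) { perror("shmget/shmctl"); return 1; }
        printf("requested %04o -> segment mode %04o (%s)\n", modes[i], m,
               exposed_to_others(m) ? "open to other users" : "owner only");
    }
    return 0;
}
```

On a running system, `ipcs -m` lists existing segments with their owner and permission bits, which gives the same check for segments created by other processes.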


