CVE-2020-29074

Name: CVE-2020-29074
Description: scan.c in x11vnc 0.9.16 uses IPC_CREAT|0777 in shmget calls, which allows access by actors other than the current user.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References: DLA-2490-1, DSA-4799-1
Debian Bugs: 975875

Vulnerable and fixed packages

The table below lists information on source packages.

| Source Package | Release | Version | Status |
|---|---|---|---|
| x11vnc (PTS) | jessie | 0.9.13-1.2 | vulnerable |
| | stretch (security), stretch (lts), stretch | 0.9.13-2+deb9u2 | fixed |
| | buster (security), buster, buster (lts) | 0.9.13-6+deb10u1 | fixed |
| | bullseye | 0.9.16-7 | fixed |
| | bookworm | 0.9.16-9 | fixed |
| | sid, trixie | 0.9.16-10 | fixed |

The information below is based on the following data on fixed versions.

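| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| x11vnc | source | jessie | (unfixed) | end-of-life | | |
| x11vnc | source | stretch | 0.9.13-2+deb9u2 | | DLA-2490-1 | |
| x11vnc | source | buster | 0.9.13-6+deb10u1 | | DSA-4799-1 | |
| x11vnc | source | (unstable) | 0.9.16-5 | | | 975875 |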

Notes

https://github.com/LibVNC/x11vnc/commit/69eeb9f7baa14ca03b16c9de821f9876def7a36a
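The permission problem named in the description, as an added example (not code from x11vnc or from this tracker page): it creates a private System V segment with IPC_CREAT|0777 and with owner-only 0600, reads back the mode the kernel recorded via shmctl(IPC_STAT), and flags any group/other bits. The helper names, the 4096-byte size and the 0600 value are assumptions of this example.

```c
#include <stdio.h>
#include <sys/ipc.h>
#include <sys/shm.h>

/* Hypothetical helper: create a private segment with the given permission
 * bits, read back the mode stored by the kernel, then remove the segment.
 * Returns the low nine permission bits, or -1 if SysV shm is unavailable. */
int shm_mode_for(int perms)
{
    struct shmid_ds ds;
    int mode = -1;
    int id = shmget(IPC_PRIVATE, 4096, IPC_CREAT | perms);

    if (id < 0)
        return -1;
    /* The process umask is not applied to SysV IPC objects, so the bits
     * passed to shmget() are exactly the bits that end up on the segment. */
    if (shmctl(id, IPC_STAT, &ds) == 0)
        mode = ds.shm_perm.mode & 0777;
    shmctl(id, IPC_RMID, NULL);   /* always clean up the test segment */
    return mode;
}

/* Nonzero when group or other hold any read/write bit on the segment,
 * i.e. when users other than the owner can attach to it. */
int exposed_to_others(int mode)
{
    return mode >= 0 && (mode & 077) != 0;
}

int main(void)
{
    int weak = shm_mode_for(0777);    /* flags as described in the CVE */
    int strict = shm_mode_for(0600);  /* owner-only (assumed hardened value) */

    if (weak < 0 || strict < 0) {
        perror("shmget/shmctl");
        return 1;
    }
    printf("IPC_CREAT|0777 -> mode %04o, exposed=%d\n",
           weak, exposed_to_others(weak));
    printf("IPC_CREAT|0600 -> mode %04o, exposed=%d\n",
           strict, exposed_to_others(strict));
    return 0;
}
```

On a running host, the perms column of `ipcs -m` shows the same mode bits for existing segments.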
