An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode.
{ "vanir_signatures": [ { "deprecated": false, "signature_type": "Function", "source": "https://github.com/libvnc/libvncserver/commit/0cf1400c61850065de590d403f6d49e32882fd76", "target": { "file": "libvncserver/ws_decode.c", "function": "hybiReadAndDecode" }, "signature_version": "v1", "digest": { "function_hash": "180079713415210745791807162750284308920", "length": 4063.0 }, "id": "CVE-2019-20840-10709c66" }, { "deprecated": false, "signature_type": "Line", "source": "https://github.com/libvnc/libvncserver/commit/0cf1400c61850065de590d403f6d49e32882fd76", "target": { "file": "libvncserver/ws_decode.c" }, "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "280535027786460026972189112772063445853", "50701751959996758734036103654922009095", "152558449667183412663568482169208692828", "327930894662464802945272025504953063997", "187881109947118880620593900587007315645", "215302365506936472057092840460876039458", "50659555013314031717534322792322098385", "184898503279201702730802996537756075167", "96434419174010811701165366566747251317", "176232627971923197157543118542926500038" ] }, "id": "CVE-2019-20840-337dc46d" } ] }