In TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence), an authenticated client can cause a double free, leading to denial of service or potentially code execution.
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Tigervnc | Tigervnc | 1.7.1 (including) | 1.7.1 (including) |