PT-2026-56783 · Red Hat · Red Hat Enterprise Linux 10+4

Publicado

2026-07-09

·

Atualizado

2026-07-09

·

CVE-2026-59691

CVSS v3.1

7.1

Alta

VetorAV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
A heap buffer overflow vulnerability was found in GStreamer's rfbsrc plugin. When a client connects to a malicious RFB/VNC server that advertises a 16bpp framebuffer and sends Hextile-encoded updates, the Hextile background fill path writes 32-bit pixel values into a buffer allocated for 16-bit pixels. This type mismatch causes an out-of-bounds heap write that can lead to denial of service (process crash) and potential memory corruption.

Correção

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

Enumeração de Fraquezas

Identificadores relacionados

CVE-2026-59691

Produtos afetados

Red Hat Enterprise Linux 10
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 9