Candidate: CVE-2020-15117
PublicDate: 2020-07-15 18:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15117
 https://github.com/symless/synergy-core/commit/0a97c2be0da2d0df25cb86dfd642429e7a8bea39
 https://github.com/symless/synergy-core/security/advisories/GHSA-chfm-333q-gfpp
Description:
 In Synergy before version 1.12.0, a Synergy server can be crashed by
 receiving a kMsgHelloBack packet with a client name length set to
 0xffffffff (4294967295) if the servers memory is less than 4 GB. It was
 verified that this issue does not cause a crash through the exception
 handler if the available memory of the Server is more than 4GB.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H [6.5 MEDIUM]


Patches_synergy:
upstream_synergy: needs-triage
precise/esm_synergy: DNE
trusty_synergy: ignored (out of standard support)
trusty/esm_synergy: DNE
xenial_synergy: ignored (end of standard support, was needs-triage)
bionic_synergy: needs-triage
eoan_synergy: DNE
focal_synergy: DNE
groovy_synergy: DNE
hirsute_synergy: DNE
impish_synergy: DNE
jammy_synergy: DNE
devel_synergy: DNE