CVE-2018-20024

Priority
Description
LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains null
pointer dereference in VNC client code that can result DoS.
Assigned-to
mdeslaur
Notes
Package
Source: italc (LP Ubuntu Debian)
Upstream:released (1:3.0.3+dfsg1-1+deb9u1, 1:2.0.2+dfsg1-2+deb8u1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was needed)
Ubuntu 16.04 LTS (Xenial Xerus):released (1:2.0.2+dfsg1-4ubuntu0.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (1:3.0.3+dfsg1-3ubuntu0.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (0.9.11+dfsg-1.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [0.9.9+dfsg-1ubuntu1.4])
Ubuntu 16.04 LTS (Xenial Xerus):released (0.9.10+dfsg-3ubuntu0.16.04.3)
Ubuntu 18.04 LTS (Bionic Beaver):released (0.9.11+dfsg-1ubuntu1.1)
Ubuntu 20.04 LTS (Focal Fossa):not-affected (0.9.11+dfsg-1.2)
Ubuntu 20.10 (Groovy Gorilla):not-affected (0.9.11+dfsg-1.2)
Patches:
Upstream:https://github.com/LibVNC/libvncserver/commit/4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7
Package
Source: ssvnc (LP Ubuntu Debian)
Upstream:released (1.0.29-2+deb8u1, 1.0.29-3+deb9u1, 1.0.29-4+deb10u1, 1.0.29-5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was needed)
Ubuntu 16.04 LTS (Xenial Xerus):released (1.9.29-2+deb8u1build0.16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):needed
Ubuntu 20.04 LTS (Focal Fossa):not-affected (1.0.29-5)
Ubuntu 20.10 (Groovy Gorilla):not-affected (1.0.29-5)
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (uses shared libvnc)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (uses shared libvnc)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (uses shared libvnc)
Ubuntu 20.04 LTS (Focal Fossa):not-affected (uses shared libvnc)
Ubuntu 20.10 (Groovy Gorilla):not-affected (uses shared libvnc)
More Information

Updated: 2020-10-08 18:14:26 UTC (commit b5f945b82ade01d85e50648157c9a920d2d848e1)