CVE-2020-29260

Published: 2 September 2022

libvncclient v0.9.13 was discovered to contain a memory leak via the function rfbClientCleanup().

Priority

7.5

Package	Release	Status
libvncserver Launchpad, Ubuntu, Debian	kinetic	Ignored (end of life, was needs-triage)
	bionic	Needs triage
	focal	Needs triage
	jammy	Needs triage
	lunar	Needs triage
	trusty	Ignored (end of standard support)
	upstream	Needs triage
	xenial	Needs triage
	Patches: upstream: https://github.com/LibVNC/libvncserver/commit/bef41f6ec4097a8ee094f90a1b34a708fbd757ec
tightvnc Launchpad, Ubuntu, Debian	kinetic	Ignored (end of life, was needs-triage)
	focal	Needs triage
	jammy	Needs triage
	xenial	Needs triage
	bionic	Needs triage
	lunar	Needs triage
	trusty	Needs triage
	upstream	Needs triage
veyon Launchpad, Ubuntu, Debian	kinetic	Ignored (end of life, was needs-triage)
	bionic	Does not exist
	focal	Needs triage
	jammy	Needs triage
	lunar	Needs triage
	trusty	Ignored (end of standard support)
	upstream	Needs triage
	xenial	Ignored (end of standard support)
x11vnc Launchpad, Ubuntu, Debian	kinetic	Ignored (end of life, was needs-triage)
	bionic	Needs triage
	focal	Needs triage
	jammy	Needs triage
	lunar	Needs triage
	trusty	Needs triage
	upstream	Needs triage
	xenial	Needs triage
italc Launchpad, Ubuntu, Debian	trusty	Ignored (end of standard support)
	bionic	Needs triage
	focal	Does not exist
	jammy	Does not exist
	upstream	Needs triage
	xenial	Needs triage
vino Launchpad, Ubuntu, Debian	bionic	Not vulnerable (code not present)
	focal	Not vulnerable (code not present)
	jammy	Not vulnerable (code not present)
	xenial	Not vulnerable (code not present)
	kinetic	Not vulnerable (code not present)
	lunar	Not vulnerable (code not present)
	trusty	Ignored (end of standard support)
	upstream	Needs triage

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.