TEMP-1138253-9E600E

NameTEMP-1138253-9E600E
DescriptionAttacker-controlled heap out-of-bounds write in libvncclient Tight decoder
SourceAutomatically generated temporary name. Not for external reference.
Debian Bugs1138253

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
libvncserver (PTS)bullseye0.9.13+dfsg-2+deb11u1vulnerable
bookworm0.9.14+dfsg-1+deb12u1vulnerable
trixie0.9.15+dfsg-1+deb13u1vulnerable
forky0.9.15+dfsg-4vulnerable
sid0.9.15+dfsg-5vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
libvncserversource(unstable)(unfixed)1138253

Notes

https://github.com/LibVNC/libvncserver/security/advisories/GHSA-v9pm-47h4-jcq8
Search for package or bug name: Reporting problems