Severe DoS Vulnerability in LibVNCServer Affects Multiple Ubuntu Versions

Severe DoS Vulnerability in LibVNCServer Affects Multiple Ubuntu Versions

First seen 2 Jul 2026, 18:59 UTC UbuntuLinuxsecurity 91% similarity 72.0
Share:

Article Content

Browse articles
ThreatCluster

A critical vulnerability in LibVNCServer has been identified, allowing remote attackers to crash the server or execute arbitrary code via specially crafted network traffic. This issue arises from improper handling of the Tight decoder in libvncclient. Affected systems include Ubuntu 26.04 LTS, 25.10, 24.04 LTS, and 22.04 LTS. Users are advised to update to specific package versions to mitigate the risk. The vulnerability poses a significant threat of denial of service and potential remote code execution. The problem can be rectified through a standard system update. Security notices have been issued to alert users of the necessary actions.

Key Points: • LibVNCServer vulnerability allows remote code execution and denial of service. • Affected Ubuntu versions include 26.04 LTS, 25.10, 24.04 LTS, and 22.04 LTS. • Users must update to specific package versions to mitigate the threat.

ThreatCluster AI

Timeline

2026-07-02
LibVNCServer vulnerability disclosed
A vulnerability in LibVNCServer was discovered, allowing remote attackers to crash the server or execute code.
Linuxsecurity
2026-07-02
Security notice issued
Ubuntu issued USN-8494-1, detailing the vulnerability and necessary updates for affected systems.
Ubuntu

Community

Browse all →