Lucene search
AmazonALAS2-2023-2170HistoryJul 20, 2023 - 5:29 p.m.
Low: libvncserver
2023-07-2017:29:00
alas.aws.amazon.com
4
memory leak
rfbclientcleanup
update
amazon linux 2
cve-2020-29260
libvncserver
0.001 Low
EPSS
Percentile
29.9%
Issue Overview:
libvncclient v0.9.13 was discovered to contain a memory leak via the function rfbClientCleanup(). (CVE-2020-29260)
Affected Packages:
libvncserver
Note:
This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update libvncserver to update your system.
New Packages:
aarch64:
libvncserver-0.9.9-14.amzn2.0.1.aarch64
libvncserver-devel-0.9.9-14.amzn2.0.1.aarch64
libvncserver-debuginfo-0.9.9-14.amzn2.0.1.aarch64
i686:
libvncserver-0.9.9-14.amzn2.0.1.i686
libvncserver-devel-0.9.9-14.amzn2.0.1.i686
libvncserver-debuginfo-0.9.9-14.amzn2.0.1.i686
src:
libvncserver-0.9.9-14.amzn2.0.1.src
x86_64:
libvncserver-0.9.9-14.amzn2.0.1.x86_64
libvncserver-devel-0.9.9-14.amzn2.0.1.x86_64
libvncserver-debuginfo-0.9.9-14.amzn2.0.1.x86_64
Additional References
Red Hat: CVE-2020-29260
Mitre: CVE-2020-29260
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Amazon Linux | 2 | aarch64 | libvncserver | < 0.9.9-14.amzn2.0.1 | libvncserver-0.9.9-14.amzn2.0.1.aarch64.rpm |
| Amazon Linux | 2 | aarch64 | libvncserver-devel | < 0.9.9-14.amzn2.0.1 | libvncserver-devel-0.9.9-14.amzn2.0.1.aarch64.rpm |
| Amazon Linux | 2 | aarch64 | libvncserver-debuginfo | < 0.9.9-14.amzn2.0.1 | libvncserver-debuginfo-0.9.9-14.amzn2.0.1.aarch64.rpm |
| Amazon Linux | 2 | i686 | libvncserver | < 0.9.9-14.amzn2.0.1 | libvncserver-0.9.9-14.amzn2.0.1.i686.rpm |
| Amazon Linux | 2 | i686 | libvncserver-devel | < 0.9.9-14.amzn2.0.1 | libvncserver-devel-0.9.9-14.amzn2.0.1.i686.rpm |
| Amazon Linux | 2 | i686 | libvncserver-debuginfo | < 0.9.9-14.amzn2.0.1 | libvncserver-debuginfo-0.9.9-14.amzn2.0.1.i686.rpm |
| Amazon Linux | 2 | x86_64 | libvncserver | < 0.9.9-14.amzn2.0.1 | libvncserver-0.9.9-14.amzn2.0.1.x86_64.rpm |
| Amazon Linux | 2 | x86_64 | libvncserver-devel | < 0.9.9-14.amzn2.0.1 | libvncserver-devel-0.9.9-14.amzn2.0.1.x86_64.rpm |
| Amazon Linux | 2 | x86_64 | libvncserver-debuginfo | < 0.9.9-14.amzn2.0.1 | libvncserver-debuginfo-0.9.9-14.amzn2.0.1.x86_64.rpm |
Related
nessus
nessus
SUSE SLED15 / SLES15 Security Update : LibVNCServer (SUSE-SU-2022:3540-1)
2022-10-07 00:00:00
SUSE SLED15 / SLES15 Security Update : LibVNCServer (SUSE-SU-2022:3990-1)
2022-11-16 00:00:00
SUSE SLES12 Security Update : LibVNCServer (SUSE-SU-2022:4330-1)
2022-12-07 00:00:00
cvelist
cvelist
CVE-2020-29260
2022-09-02 22:14:35
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:3990-1)
2022-11-16 00:00:00
Mageia: Security Advisory (MGASA-2022-0363)
2022-10-10 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:4330-1)
2022-12-07 00:00:00
suse
suse
Security update for LibVNCServer (moderate)
2022-10-06 00:00:00
ubuntucve
ubuntucve
CVE-2020-29260
2022-09-02 00:00:00
prion
prion
Memory corruption
2022-09-02 23:15:00
mageia
mageia
Updated libvncserver packages fix security vulnerability
2022-10-08 23:22:22
veracode
veracode
Denial Of Service (DoS)
2022-09-05 05:53:35
cve
cve
CVE-2020-29260
2022-09-02 23:15:00
redhatcve
redhatcve
CVE-2020-29260
2022-09-05 05:58:55
alpinelinux
alpinelinux
CVE-2020-29260
2022-09-02 23:15:00
debiancve
debiancve
CVE-2020-29260
2022-09-02 23:15:00
osv
osv
CVE-2020-29260
2022-09-02 23:15:08
libvncserver - security update
2022-09-30 00:00:00
debian
debian
[SECURITY] [DLA 3125-1] libvncserver security update
2022-09-29 22:30:28