3 matches found
OPENSUSE-SU-2026:21118-1 Security update for LibVNCServer
This update for LibVNCServer fixes the following issue - CVE-2026-44988: missing validation of rectangle width in tight gradient decoding can lead to server-triggered out-of- bounds write bsc1266459...
SUSE-SU-2026:2427-1 Security update for LibVNCServer
This update for LibVNCServer fixes the following issues: - CVE-2026-44988: Fixed missing validation of rectangle width in tight gradient decoding can lead to server-triggered out-of-bounds write bsc1266459...
CVE-2026-44988 LibVNCClient Tight Gradient decoding allows malicious server-triggered heap/stack OOB writes
LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter, but it does not reject Tight rectangles whose width is larger than 2048 pixels. A malicious VNC serve...