Alerts This Week
Warning Icon 1 1,394
Alerts This Week
Warning Icon 1 1,394

Ubuntu LibVNCServer Severe DoS Vulnerability Information USN-8494-1

ubuntu
Calendar Grey July 2, 2026
Dist Ubuntu Esm H88
Remote attackers could exploit LibVNCServer to crash or gain access. Critical updates needed for affected Ubuntu systems.
LibVNCServer could be made to crash or run programs if it received specially crafted network traffic.

Summary

LibVNCServer could be made to crash or run programs if it received

specially crafted network traffic.

Software Description:

- libvncserver: vnc server library

Details:

It was discovered that LibVNCServer incorrectly handled the Tight decoder

in libvncclient. A remote attacker could use this issue to cause

LibVNCServer to crash, resulting in a denial of service, or possibly

execute arbitrary code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
  libvncclient1                   0.9.15+dfsg-3ubuntu0.2
  libvncserver1                   0.9.15+dfsg-3ubuntu0.2

Ubuntu 25.10
  libvncclient1                   0.9.15+dfsg-1ubuntu0.2
  libvncserver1                   0.9.15+dfsg-1ubuntu0.2

Ubuntu 24.04 LTS
  libvncclient1                   0.9.14+dfsg-1ubuntu0.2
  libvncserver1                   0.9.14+dfsg-1ubuntu0.2

Ubuntu 22.04 LTS
  libvncclient1                   0.9.13+dfsg-3ubuntu0.2
  libvncserver1                   0.9.13+dfsg-3ubuntu0.2

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8494-1

CVE-2026-50538

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8494-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here