CVE-2018-20024
Description
LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains a null pointer dereference in VNC client code that can result in DoS.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
LibVNC <= 0.9.11 contains a null pointer dereference in client code leading to denial of service via a crafted server message.
Vulnerability
LibVNCServer before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 (versions prior to 0.9.12) contains a null pointer dereference in the VNC client code [1][3]. This vulnerability can be triggered when a VNC client connects to a malicious VNC server that sends specially crafted data, causing a null pointer to be dereferenced and resulting in a denial-of-service condition.
Exploitation
An attacker must set up a malicious VNC server and convince a user to connect to it (user interaction is required). Once the client connects, the server sends crafted messages that trigger the null pointer dereference in the client code, leading to a crash of the client application.
Impact
Successful exploitation results in a denial of service (DoS) against the VNC client application. No remote code execution or data compromise has been reported.
Mitigation
The fix was committed in October 2018 and included in LibVNCServer version 0.9.12 [1][3]. Users should upgrade to LibVNCServer 0.9.12 or later. Gentoo has released GLSA 201908-05 recommending the upgrade [3]. For the ssvnc package, which bundles LibVNC, Gentoo has discontinued support and recommends removal (GLSA 202006-06) [2]. No workaround is available.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (25)
- Range: LibVNCServer-0.9.10, LibVNCServer-0.9.11, LibVNCServer-0.9.8, …
- Range: < commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7
- osv-coords (23 versions), each with no CPE:
  - pkg:rpm/opensuse/LibVNCServer&distro=openSUSE%20Leap%2015.0, range: < 0.9.10-lp150.3.3.1
  - pkg:rpm/suse/LibVNCServer&distro=SUSE%20Enterprise%20Storage%204, range: < 0.9.9-17.8.1
  - pkg:rpm/suse/LibVNCServer&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015, range: < 0.9.10-4.3.1
  - pkg:rpm/suse/LibVNCServer&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3, range: < 0.9.1-160.6.1
  - pkg:rpm/suse/LibVNCServer&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSS, range: < 0.9.1-160.6.1
  - pkg:rpm/suse/LibVNCServer&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA, range: < 0.9.1-160.6.1
  - pkg:rpm/suse/LibVNCServer&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4, range: < 0.9.1-160.6.1
  - pkg:rpm/suse/LibVNCServer&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS, range: < 0.9.9-17.8.1
  - pkg:rpm/suse/LibVNCServer&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL, range: < 0.9.9-17.8.1
  - pkg:rpm/suse/LibVNCServer&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS, range: < 0.9.9-17.8.1
  - pkg:rpm/suse/LibVNCServer&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3, range: < 0.9.9-17.8.1
  - pkg:rpm/suse/LibVNCServer&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4, range: < 0.9.9-17.8.1
  - pkg:rpm/suse/LibVNCServer&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS, range: < 0.9.9-17.8.1
  - pkg:rpm/suse/LibVNCServer&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4, range: < 0.9.1-160.6.1
  - pkg:rpm/suse/LibVNCServer&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1, range: < 0.9.9-17.8.1
  - pkg:rpm/suse/LibVNCServer&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2, range: < 0.9.9-17.8.1
  - pkg:rpm/suse/LibVNCServer&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3, range: < 0.9.9-17.8.1
  - pkg:rpm/suse/LibVNCServer&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4, range: < 0.9.9-17.8.1
  - pkg:rpm/suse/LibVNCServer&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4, range: < 0.9.1-160.6.1
  - pkg:rpm/suse/LibVNCServer&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3, range: < 0.9.9-17.8.1
  - pkg:rpm/suse/LibVNCServer&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4, range: < 0.9.9-17.8.1
  - pkg:rpm/suse/LibVNCServer&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015, range: < 0.9.10-4.3.1
  - pkg:rpm/suse/LibVNCServer&distro=SUSE%20OpenStack%20Cloud%207, range: < 0.9.9-17.8.1
Patches
No patches discovered yet.
References (11)
- security.gentoo.org/glsa/201908-05 (mitre, vendor-advisory, x_refsource_GENTOO)
- security.gentoo.org/glsa/202006-06 (mitre, vendor-advisory, x_refsource_GENTOO)
- usn.ubuntu.com/3877-1/ (mitre, vendor-advisory, x_refsource_UBUNTU)
- usn.ubuntu.com/4547-1/ (mitre, vendor-advisory, x_refsource_UBUNTU)
- usn.ubuntu.com/4547-2/ (mitre, vendor-advisory, x_refsource_UBUNTU)
- usn.ubuntu.com/4587-1/ (mitre, vendor-advisory, x_refsource_UBUNTU)
- www.debian.org/security/2019/dsa-4383 (mitre, vendor-advisory, x_refsource_DEBIAN)
- ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-034-libvnc-null-pointer-dereference/ (mitre, x_refsource_MISC)
- lists.debian.org/debian-lts-announce/2018/12/msg00017.html (mitre, mailing-list, x_refsource_MLIST)
- lists.debian.org/debian-lts-announce/2019/10/msg00042.html (mitre, mailing-list, x_refsource_MLIST)
- lists.debian.org/debian-lts-announce/2019/11/msg00033.html (mitre, mailing-list, x_refsource_MLIST)
News mentions
No linked articles in our index yet.