Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 40: tigervnc 2025-a87bc329fe Security Advisory Updates

fedora
Calendar Grey March 13, 2025
Dist Fedora Esm H88
Addressing critical security alerts for Tigervnc in Fedora 40 associated with xorg-x11-server vulnerabilities.
Fixes for xorg-x11-server CVEs.

Summary

Virtual Network Computing (VNC) is a remote display system which

allows you to view a computing 'desktop' environment not only on the

machine where it is running, but from anywhere on the Internet and

from a wide variety of machine architectures. This package contains a

client which will allow you to connect to other desktops running a VNC

server.

Update Information:

Fixes for xorg-x11-server CVEs.

Topics%20covered

Topics Covered

security advisory security issue update Fedora remote display xorg-x11

Change Log

* Mon Mar 3 2025 Jan Grulich - 1.15.0-2 - Rebuild (xorg-x11-server) Fixes CVE-2025-26594, CVE-2025-26595, CVE-2025-26596, CVE-2025-26597, CVE-2025-26598, CVE-2025-26599, CVE-2025-26600, CVE-2025-26601

References


[ 1 ] Bug #2349366 - CVE-2025-26598 tigervnc: Out-of-bounds write in CreatePointerBarrierClient() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2349366 [ 2 ] Bug #2349369 - CVE-2025-26594 tigervnc: Use-after-free of the root cursor [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2349369 [ 3 ] Bug #2349372 - CVE-2025-26596 tigervnc: Heap overflow in XkbWriteKeySyms() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2349372 [ 4 ] Bug #2349375 - CVE-2025-26595 tigervnc: Buffer overflow in XkbVModMaskText() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2349375 [ 5 ] Bug #2349378 - CVE-2025-26597 tigervnc: Buffer overflow in XkbChangeTypesOfKey() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2349378 [ 6 ] Bug #2349455 - CVE-2025-26599 tigervnc: Use of uninitialized pointer in compRedirectWindow() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2349455 [ 7 ]...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-a87bc329fe' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: tigervnc
Product: Fedora 40
Version: 1.15.0
Release: 2.fc40
URL: https://tigervnc.org/
Summary: A TigerVNC remote display system

Topics%20covered

Topics Covered

security advisory security issue update Fedora remote display xorg-x11

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here