Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 41: tigervnc 2025-96f8a2da96 Security Advisory Updates

fedora
Calendar Grey March 19, 2025
Dist Fedora Esm H88
Tigervnc 1.15.0 update addresses critical security issues in Fedora 41. Immediate action is recommended for users.
Tigervnc 1.15.0 update.

Summary

Virtual Network Computing (VNC) is a remote display system which

allows you to view a computing 'desktop' environment not only on the

machine where it is running, but from anywhere on the Internet and

from a wide variety of machine architectures. This package contains a

client which will allow you to connect to other desktops running a VNC

server.

Update Information:

Tigervnc 1.15.0 update.

Topics%20covered

Topics Covered

security advisory update buffer overflow Fedora tigervnc

Change Log

* Mon Mar 3 2025 Jan Grulich - 1.15.0-2 - Rebuild (xorg-x11-server) Fixes CVE-2025-26594, CVE-2025-26595, CVE-2025-26596, CVE-2025-26597, CVE-2025-26598, CVE-2025-26599, CVE-2025-26600, CVE-2025-26601 * Tue Feb 18 2025 Jan Grulich - 1.15.0-1 - 1.15.0 * Tue Jan 21 2025 Jan Grulich - 1.14.1-5 - Adjust paths for vncsession binary for /sbin and /bin merge * Sun Jan 19 2025 Fedora Release Engineering - 1.14.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild

References


[ 1 ] Bug #2337822 - tigervnc-1.15.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2337822 [ 2 ] Bug #2349366 - CVE-2025-26598 tigervnc: Out-of-bounds write in CreatePointerBarrierClient() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2349366 [ 3 ] Bug #2349369 - CVE-2025-26594 tigervnc: Use-after-free of the root cursor [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2349369 [ 4 ] Bug #2349372 - CVE-2025-26596 tigervnc: Heap overflow in XkbWriteKeySyms() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2349372 [ 5 ] Bug #2349375 - CVE-2025-26595 tigervnc: Buffer overflow in XkbVModMaskText() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2349375 [ 6 ] Bug #2349378 - CVE-2025-26597 tigervnc: Buffer overflow in XkbChangeTypesOfKey() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2349378 [ 7 ] Bug #2349455 - CVE-2025-26599 tigervnc: Use of uninitialized ...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-96f8a2da96' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: tigervnc
Product: Fedora 41
Version: 1.15.0
Release: 2.fc41
URL: https://tigervnc.org/
Summary: A TigerVNC remote display system

Topics%20covered

Topics Covered

security advisory update buffer overflow Fedora tigervnc

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here