Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 42: tigervnc 2025-ef7fb833f2 Security Advisory Updates

fedora
Calendar Grey March 15, 2025
Dist Fedora Esm H88
Fixes for multiple critical CVEs in TigerVNC for Fedora 42. Update and secure remote display systems.
Fixes for xorg-x11-server CVEs.

Summary

Virtual Network Computing (VNC) is a remote display system which

allows you to view a computing 'desktop' environment not only on the

machine where it is running, but from anywhere on the Internet and

from a wide variety of machine architectures. This package contains a

client which will allow you to connect to other desktops running a VNC

server.

Update Information:

Fixes for xorg-x11-server CVEs.

Topics%20covered

Topics Covered

security advisory buffer overflow Fedora remote access tigervnc

Change Log

* Mon Mar 3 2025 Jan Grulich - 1.15.0-2 - Rebuild (xorg-x11-server) Fixes CVE-2025-26594, CVE-2025-26595, CVE-2025-26596, CVE-2025-26597, CVE-2025-26598, CVE-2025-26599, CVE-2025-26600, CVE-2025-26601

References


[ 1 ] Bug #2349366 - CVE-2025-26598 tigervnc: Out-of-bounds write in CreatePointerBarrierClient() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2349366 [ 2 ] Bug #2349369 - CVE-2025-26594 tigervnc: Use-after-free of the root cursor [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2349369 [ 3 ] Bug #2349372 - CVE-2025-26596 tigervnc: Heap overflow in XkbWriteKeySyms() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2349372 [ 4 ] Bug #2349375 - CVE-2025-26595 tigervnc: Buffer overflow in XkbVModMaskText() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2349375 [ 5 ] Bug #2349378 - CVE-2025-26597 tigervnc: Buffer overflow in XkbChangeTypesOfKey() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2349378 [ 6 ] Bug #2349455 - CVE-2025-26599 tigervnc: Use of uninitialized pointer in compRedirectWindow() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2349455 [ 7 ]...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-ef7fb833f2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: tigervnc
Product: Fedora 42
Version: 1.15.0
Release: 2.fc42
URL: https://tigervnc.org/
Summary: A TigerVNC remote display system

Topics%20covered

Topics Covered

security advisory buffer overflow Fedora remote access tigervnc

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here