Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Fedora 43: TigerVNC Moderate Use-After-Free Issues FEDORA-2025-e0c935675d

fedora
Calendar Grey December 3, 2025
Dist Fedora Esm H88
Fixes CVEs for TigerVNC in Fedora 43, addressing critical security issues like use-after-free vulnerabilities.
Fix recent xorg-x11-server CVEs: Fixes: CVE-2025-62229 CVE-2025-62230 CVE-2025-62231

Summary

Virtual Network Computing (VNC) is a remote display system which

allows you to view a computing 'desktop' environment not only on the

machine where it is running, but from anywhere on the Internet and

from a wide variety of machine architectures. This package contains a

client which will allow you to connect to other desktops running a VNC

server.

Update Information:

Fix recent xorg-x11-server CVEs: Fixes: CVE-2025-62229 CVE-2025-62230 CVE-2025-62231

Topics%20covered

Topics Covered

security advisory fedora security fix remote display Xorg use-after-free

Change Log

* Mon Nov 24 2025 Jan Grulich - 1.15.0-10 - Rebuild (xorg-x11-server) Fixes: CVE-2025-62229 CVE-2025-62230 CVE-2025-62231 * Tue Nov 11 2025 Cristian Le - 1.15.0-9 - Allow to build with CMake 4.0 (rhbz#2381485) * Wed Oct 15 2025 Dominik Mierzejewski - 1.15.0-8 - Rebuilt for FFmpeg 8

References


[ 1 ] Bug #2375539 - CVE-2025-49180 tigervnc: Integer Overflow in X Resize, Rotate and Reflect (RandR) Extension [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2375539 [ 2 ] Bug #2375544 - CVE-2025-49179 tigervnc: Integer overflow in X Record extension [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2375544 [ 3 ] Bug #2375554 - CVE-2025-49176 tigervnc: Integer Overflow in Big Requests Extension [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2375554 [ 4 ] Bug #2375557 - CVE-2025-49175 tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2375557 [ 5 ] Bug #2375561 - CVE-2025-49177 tigervnc: Data Leak in XFIXES Extension's XFixesSetClientDisconnectMode [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2375561 [ 6 ] Bug #2375564 - CVE-2025-49178 tigervnc: Unprocessed Client Request Due to Bytes to Ignore [fedora-all] ...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-e0c935675d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: tigervnc
Product: Fedora 43
Version: 1.15.0
Release: 10.fc43
URL: http://www.tigervnc.com
Summary: A TigerVNC remote display system

Topics%20covered

Topics Covered

security advisory fedora security fix remote display Xorg use-after-free

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here