Alerts This Week
Warning Icon 1 1,229
Alerts This Week
Warning Icon 1 1,229

Fedora 43 tigervnc Critical Info Exposure Denial of Service 2026-ad10afa9cd

fedora
Calendar Grey June 26, 2026
Dist Fedora Esm H88
Critical advisory for Fedora 43 regarding Tigervnc fixes for multiple CVEs. Immediate update is recommended.
Fixes CVE-2026-50256 CVE-2026-50257 CVE-2026-50258 CVE-2026-50259 CVE-2026-50260 CVE-2026-50261 CVE-2026-50262 CVE-2026-50263 CVE-2026-50264.

Summary

Virtual Network Computing (VNC) is a remote display system which

allows you to view a computing 'desktop' environment not only on the

machine where it is running, but from anywhere on the Internet and

from a wide variety of machine architectures. This package contains a

client which will allow you to connect to other desktops running a VNC

server.

Update Information:

Fixes CVE-2026-50256 CVE-2026-50257 CVE-2026-50258 CVE-2026-50259 CVE-2026-50260 CVE-2026-50261 CVE-2026-50262 CVE-2026-50263 CVE-2026-50264.

Topics%20covered

Topics Covered

security advisory denial of service fedora critical information exposure tigervnc

Change Log

* Thu Jun 18 2026 Jan Grulich - 1.16.2-4 - Rebuild (xorg-x11-server) Fixes CVE-2026-50256 CVE-2026-50257 CVE-2026-50258 CVE-2026-50259 CVE-2026-50260 CVE-2026-50261 CVE-2026-50262 CVE-2026-50263 CVE-2026-50264 * Fri Jun 12 2026 Yaakov Selkowitz - 1.16.2-3 - Rebuilt for openssl 4.0

References


[ 1 ] Bug #2476414 - CVE-2026-34002 tigervnc: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2476414 [ 2 ] Bug #2476956 - CVE-2026-33999 tigervnc: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2476956 [ 3 ] Bug #2476958 - CVE-2026-34001 tigervnc: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2476958 [ 4 ] Bug #2476965 - CVE-2026-34003 tigervnc: X.Org X server: Information exposure and denial of service via out-of-bounds memory access [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2476965

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-ad10afa9cd' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: tigervnc
Product: Fedora 43
Version: 1.16.2
Release: 4.fc43
URL: https://www.tigervnc.com
Summary: A TigerVNC remote display system

Topics%20covered

Topics Covered

security advisory denial of service fedora critical information exposure tigervnc

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here