Red Hat Product Errata RHSA-2025:2861 - Security Advisory
Issued:
2025-03-17
Updated:
2025-03-17

RHSA-2025:2861 - Security Advisory

Synopsis

Important: tigervnc security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for tigervnc is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.

Security Fix(es):

  • X.Org: Xwayland: Use-after-free of the root cursor (CVE-2025-26594)
  • xorg: xwayland: Use-after-free in SyncInitTrigger() (CVE-2025-26601)
  • xorg: xwayland: Use-after-free in PlayReleasedEvents() (CVE-2025-26600)
  • xorg: xwayland: Use of uninitialized pointer in compRedirectWindow() (CVE-2025-26599)
  • xorg: xwayland: Out-of-bounds write in CreatePointerBarrierClient() (CVE-2025-26598)
  • xorg: xwayland: Buffer overflow in XkbChangeTypesOfKey() (CVE-2025-26597)
  • xorg: xwayland: Heap overflow in XkbWriteKeySyms() (CVE-2025-26596)
  • Xorg: xwayland: Buffer overflow in XkbVModMaskText() (CVE-2025-26595)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7 s390x
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7 ppc64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7 ppc64le

Fixes

  • BZ - 2345248 - CVE-2025-26594 X.Org: Xwayland: Use-after-free of the root cursor
  • BZ - 2345251 - CVE-2025-26601 xorg: xwayland: Use-after-free in SyncInitTrigger()
  • BZ - 2345252 - CVE-2025-26600 xorg: xwayland: Use-after-free in PlayReleasedEvents()
  • BZ - 2345253 - CVE-2025-26599 xorg: xwayland: Use of uninitialized pointer in compRedirectWindow()
  • BZ - 2345254 - CVE-2025-26598 xorg: xwayland: Out-of-bounds write in CreatePointerBarrierClient()
  • BZ - 2345255 - CVE-2025-26597 xorg: xwayland: Buffer overflow in XkbChangeTypesOfKey()
  • BZ - 2345256 - CVE-2025-26596 xorg: xwayland: Heap overflow in XkbWriteKeySyms()
  • BZ - 2345257 - CVE-2025-26595 Xorg: xwayland: Buffer overflow in XkbVModMaskText()

Red Hat Enterprise Linux Server - Extended Life Cycle Support 7

SRPM
tigervnc-1.8.0-36.el7_9.src.rpm SHA-256: 92140b01c1847e367e8dd8846a31f854fb1c74395ce5896a046b086d08e94a75
x86_64
tigervnc-1.8.0-36.el7_9.x86_64.rpm SHA-256: cdd0f1c6a4037f5b74e8e2c3ea86eff395e6383388a2b6245cf1c38aeb4d5bb8
tigervnc-debuginfo-1.8.0-36.el7_9.x86_64.rpm SHA-256: 3250c5a1762da73b1a2b91112d3438a87d91f7ba356e1cddcb530935585cf41a
tigervnc-debuginfo-1.8.0-36.el7_9.x86_64.rpm SHA-256: 3250c5a1762da73b1a2b91112d3438a87d91f7ba356e1cddcb530935585cf41a
tigervnc-icons-1.8.0-36.el7_9.noarch.rpm SHA-256: c113744785e6d553847bbe4ebf62f7f0d467c0cbf48567a11432ace71cd9bdb4
tigervnc-license-1.8.0-36.el7_9.noarch.rpm SHA-256: d90321f712406a97480d2ad7bdf37d58c61e733ee4a4cb8b024f943aab1e3db6
tigervnc-server-1.8.0-36.el7_9.x86_64.rpm SHA-256: fbf528522f06cf897b29bbbdd9f63f5b032dd37138c86ec6613924dfe1297ed8
tigervnc-server-applet-1.8.0-36.el7_9.noarch.rpm SHA-256: 360f11fbda5d6acc87b68726b8c96bb0cde3377c237aad68be48829ba0dcb646
tigervnc-server-minimal-1.8.0-36.el7_9.x86_64.rpm SHA-256: 79ce544385ade3ec7c2eca1168877f9dc0b21f4c7c53382ec4a771f56d7d7b0e
tigervnc-server-module-1.8.0-36.el7_9.x86_64.rpm SHA-256: ca150e238a3393355d393686c2a82ede7751a38bdf3109c9b5d1526afbdd19f9

Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7

SRPM
tigervnc-1.8.0-36.el7_9.src.rpm SHA-256: 92140b01c1847e367e8dd8846a31f854fb1c74395ce5896a046b086d08e94a75
s390x
tigervnc-1.8.0-36.el7_9.s390x.rpm SHA-256: 2862980ac65752bcacd9dbc275c250e2f1565b82876eadc2298775a25ada3689
tigervnc-debuginfo-1.8.0-36.el7_9.s390x.rpm SHA-256: 63ea6d13b05887fdfc07d31291877fb9883c2503855f00f703725010c7396beb
tigervnc-icons-1.8.0-36.el7_9.noarch.rpm SHA-256: c113744785e6d553847bbe4ebf62f7f0d467c0cbf48567a11432ace71cd9bdb4
tigervnc-license-1.8.0-36.el7_9.noarch.rpm SHA-256: d90321f712406a97480d2ad7bdf37d58c61e733ee4a4cb8b024f943aab1e3db6
tigervnc-server-1.8.0-36.el7_9.s390x.rpm SHA-256: 27b2bf5711a6a24be9ab2a6fb04f95459710e187d205508cd74dc1d3204b1e8d
tigervnc-server-applet-1.8.0-36.el7_9.noarch.rpm SHA-256: 360f11fbda5d6acc87b68726b8c96bb0cde3377c237aad68be48829ba0dcb646
tigervnc-server-minimal-1.8.0-36.el7_9.s390x.rpm SHA-256: 2d6f395bed4dd23d6850715c2c7ead7427ace564802ad20c99b973b23e5e2816

Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7

SRPM
tigervnc-1.8.0-36.el7_9.src.rpm SHA-256: 92140b01c1847e367e8dd8846a31f854fb1c74395ce5896a046b086d08e94a75
ppc64
tigervnc-1.8.0-36.el7_9.ppc64.rpm SHA-256: 55f3d15d0dbdf7b2e9ac1a374eeecd62d199320f46ef33d34bb86705c4de4acd
tigervnc-debuginfo-1.8.0-36.el7_9.ppc64.rpm SHA-256: 4744990591eb32f60e2b42ac7f5638ed137a29c7f5e0c9b8822afdc085039dcc
tigervnc-debuginfo-1.8.0-36.el7_9.ppc64.rpm SHA-256: 4744990591eb32f60e2b42ac7f5638ed137a29c7f5e0c9b8822afdc085039dcc
tigervnc-icons-1.8.0-36.el7_9.noarch.rpm SHA-256: c113744785e6d553847bbe4ebf62f7f0d467c0cbf48567a11432ace71cd9bdb4
tigervnc-license-1.8.0-36.el7_9.noarch.rpm SHA-256: d90321f712406a97480d2ad7bdf37d58c61e733ee4a4cb8b024f943aab1e3db6
tigervnc-server-1.8.0-36.el7_9.ppc64.rpm SHA-256: 247237a0c33b954de7a6ae9d5b6c1bf857882478650f9936960c7ed96c74522e
tigervnc-server-applet-1.8.0-36.el7_9.noarch.rpm SHA-256: 360f11fbda5d6acc87b68726b8c96bb0cde3377c237aad68be48829ba0dcb646
tigervnc-server-minimal-1.8.0-36.el7_9.ppc64.rpm SHA-256: aaa46cf2e1f53424a2f764c59e1a66d070133039e14afeaaad4ec119410bb8e1
tigervnc-server-module-1.8.0-36.el7_9.ppc64.rpm SHA-256: 56d4f11e30b2967fe88f94509ca6f404fa73b745c40a4d81c76f3ec59a373759

Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7

SRPM
tigervnc-1.8.0-36.el7_9.src.rpm SHA-256: 92140b01c1847e367e8dd8846a31f854fb1c74395ce5896a046b086d08e94a75
ppc64le
tigervnc-1.8.0-36.el7_9.ppc64le.rpm SHA-256: ea0962f9362aa0a2ab36190419cdf4bb1b003a2f5b64e9363276ce854d7b204f
tigervnc-debuginfo-1.8.0-36.el7_9.ppc64le.rpm SHA-256: 60f5428d06d27bea48362549e7752fec4c03aedf887660946d9c4e93b518991b
tigervnc-debuginfo-1.8.0-36.el7_9.ppc64le.rpm SHA-256: 60f5428d06d27bea48362549e7752fec4c03aedf887660946d9c4e93b518991b
tigervnc-icons-1.8.0-36.el7_9.noarch.rpm SHA-256: c113744785e6d553847bbe4ebf62f7f0d467c0cbf48567a11432ace71cd9bdb4
tigervnc-license-1.8.0-36.el7_9.noarch.rpm SHA-256: d90321f712406a97480d2ad7bdf37d58c61e733ee4a4cb8b024f943aab1e3db6
tigervnc-server-1.8.0-36.el7_9.ppc64le.rpm SHA-256: 52f2a88a291e9c4f29d652fcc6856e0b8788cb50dc9b56e953188d6dc9fd31cb
tigervnc-server-applet-1.8.0-36.el7_9.noarch.rpm SHA-256: 360f11fbda5d6acc87b68726b8c96bb0cde3377c237aad68be48829ba0dcb646
tigervnc-server-minimal-1.8.0-36.el7_9.ppc64le.rpm SHA-256: 707d5b0716256a25cf9b216ace9217cd43df9cc7377571fba3cdc4abf30e868b
tigervnc-server-module-1.8.0-36.el7_9.ppc64le.rpm SHA-256: 62add0e49b578bd9823434f1189cd3fdb2149e917cbf5576e49d8c5f1c1f86a2

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.