Red Hat Product Errata RHSA-2025:2873 - Security Advisory
Issued:
2025-03-17
Updated:
2025-03-17

RHSA-2025:2873 - Security Advisory

Synopsis

Important: tigervnc security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for tigervnc is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.

Security Fix(es):

  • X.Org: Xwayland: Use-after-free of the root cursor (CVE-2025-26594)
  • xorg: xwayland: Use-after-free in SyncInitTrigger() (CVE-2025-26601)
  • xorg: xwayland: Use-after-free in PlayReleasedEvents() (CVE-2025-26600)
  • xorg: xwayland: Use of uninitialized pointer in compRedirectWindow() (CVE-2025-26599)
  • xorg: xwayland: Out-of-bounds write in CreatePointerBarrierClient() (CVE-2025-26598)
  • xorg: xwayland: Buffer overflow in XkbChangeTypesOfKey() (CVE-2025-26597)
  • xorg: xwayland: Heap overflow in XkbWriteKeySyms() (CVE-2025-26596)
  • Xorg: xwayland: Buffer overflow in XkbVModMaskText() (CVE-2025-26595)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 s390x

Fixes

  • BZ - 2345248 - CVE-2025-26594 X.Org: Xwayland: Use-after-free of the root cursor
  • BZ - 2345251 - CVE-2025-26601 xorg: xwayland: Use-after-free in SyncInitTrigger()
  • BZ - 2345252 - CVE-2025-26600 xorg: xwayland: Use-after-free in PlayReleasedEvents()
  • BZ - 2345253 - CVE-2025-26599 xorg: xwayland: Use of uninitialized pointer in compRedirectWindow()
  • BZ - 2345254 - CVE-2025-26598 xorg: xwayland: Out-of-bounds write in CreatePointerBarrierClient()
  • BZ - 2345255 - CVE-2025-26597 xorg: xwayland: Buffer overflow in XkbChangeTypesOfKey()
  • BZ - 2345256 - CVE-2025-26596 xorg: xwayland: Heap overflow in XkbWriteKeySyms()
  • BZ - 2345257 - CVE-2025-26595 Xorg: xwayland: Buffer overflow in XkbVModMaskText()

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0

SRPM
tigervnc-1.11.0-22.el9_0.13.src.rpm SHA-256: bacd81898fbfa07e04e3dd3c2a7af16f278680582ce3147fca195316aa3bfb48
ppc64le
tigervnc-1.11.0-22.el9_0.13.ppc64le.rpm SHA-256: d2315f04dbd0a9e6e765fc084bfff2dd7b74a68bcb6da3dd3f284f04b6560dbe
tigervnc-debuginfo-1.11.0-22.el9_0.13.ppc64le.rpm SHA-256: f2fa20e336b4a0e4c1a486c8ad7f7d3de151da1b745f6c5d7db31adb711f0981
tigervnc-debugsource-1.11.0-22.el9_0.13.ppc64le.rpm SHA-256: 08bc268050e461899832ee461fde5e56c0ead2237e15e42aea1020d5a1aeb1f6
tigervnc-icons-1.11.0-22.el9_0.13.noarch.rpm SHA-256: 294a62a4dc8375489690eac002eb43cb52c54154297396bacd7c5bcb5cb3469b
tigervnc-license-1.11.0-22.el9_0.13.noarch.rpm SHA-256: 9d276d303b83c0670644168b699dad1888f10a0685ea6e1760338b794ed1fce2
tigervnc-selinux-1.11.0-22.el9_0.13.noarch.rpm SHA-256: 0637e3e3791d2e94af2c67bd308d28f2aeb4f3bfee2d2a940a575af0fb90a58b
tigervnc-server-1.11.0-22.el9_0.13.ppc64le.rpm SHA-256: 3cc9359147285a80bc19a656b8dedbb89db34c4500ff2a9e2a417f569a44b85c
tigervnc-server-debuginfo-1.11.0-22.el9_0.13.ppc64le.rpm SHA-256: 86dca048eded51107e83fc9ea7c34c302e6ad42c24e0d3714e616f969d8649de
tigervnc-server-minimal-1.11.0-22.el9_0.13.ppc64le.rpm SHA-256: 4c776e01b45c69b1b665697b98dd34a4c40c797425abdad5676bb8c7adfc172f
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.13.ppc64le.rpm SHA-256: 3f7643c6414c9643e7b94d0aaf254c8f6605b49f7636a85212dcad2314fad19e
tigervnc-server-module-1.11.0-22.el9_0.13.ppc64le.rpm SHA-256: bab53557a806af3fe174b09e9843be1b3a6e2395b165732b86c8270d9ad6d5c0
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.13.ppc64le.rpm SHA-256: be31696e4da00d029f1fa14a1eedc48ecb87611dce48caf73a0b041669a8c6a5

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0

SRPM
tigervnc-1.11.0-22.el9_0.13.src.rpm SHA-256: bacd81898fbfa07e04e3dd3c2a7af16f278680582ce3147fca195316aa3bfb48
x86_64
tigervnc-1.11.0-22.el9_0.13.x86_64.rpm SHA-256: 3c24c1296a33942d788caed4283fd2afc71dabc32b13ec181ecdc3964e7ad67c
tigervnc-debuginfo-1.11.0-22.el9_0.13.x86_64.rpm SHA-256: d28fdfc551e2d22890309de69f3e82bdcc4c00389e792700a0af8dc92a55c627
tigervnc-debugsource-1.11.0-22.el9_0.13.x86_64.rpm SHA-256: 36515410a7c7d22537aa3a159e146161b97f1dc375ad9a741250bf4b3e333bc2
tigervnc-icons-1.11.0-22.el9_0.13.noarch.rpm SHA-256: 294a62a4dc8375489690eac002eb43cb52c54154297396bacd7c5bcb5cb3469b
tigervnc-license-1.11.0-22.el9_0.13.noarch.rpm SHA-256: 9d276d303b83c0670644168b699dad1888f10a0685ea6e1760338b794ed1fce2
tigervnc-selinux-1.11.0-22.el9_0.13.noarch.rpm SHA-256: 0637e3e3791d2e94af2c67bd308d28f2aeb4f3bfee2d2a940a575af0fb90a58b
tigervnc-server-1.11.0-22.el9_0.13.x86_64.rpm SHA-256: 4943a02b20e6f3fa9f763192413b96a0198e7e8b31f2c9ae8f6087c26df47f4e
tigervnc-server-debuginfo-1.11.0-22.el9_0.13.x86_64.rpm SHA-256: d138a83c484ad85ca94ef323dbc67a2bc7bb190f40ee7b41fe8e6313275a78d6
tigervnc-server-minimal-1.11.0-22.el9_0.13.x86_64.rpm SHA-256: 07b9d844897a509afc58d4d92de24db793e6cafc6258e223f1e2ab77bb294725
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.13.x86_64.rpm SHA-256: 405bfca22b7b4d3cce2e85cf39d44e273ee42de1bc85626718a29d4c07a8bd43
tigervnc-server-module-1.11.0-22.el9_0.13.x86_64.rpm SHA-256: e13d4cae35b719cb90f45006e0ee1f43e4975239a6ced1a2b32692d453601a09
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.13.x86_64.rpm SHA-256: 453fcef7067e1315937e79389e5215232f5a1d4f8c40a0a4777ec64cd453b1fd

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0

SRPM
tigervnc-1.11.0-22.el9_0.13.src.rpm SHA-256: bacd81898fbfa07e04e3dd3c2a7af16f278680582ce3147fca195316aa3bfb48
aarch64
tigervnc-1.11.0-22.el9_0.13.aarch64.rpm SHA-256: 2fa53e34abf794ee1ed3770b5119eb90c155980e41a758ae5c860512bfa5b619
tigervnc-debuginfo-1.11.0-22.el9_0.13.aarch64.rpm SHA-256: bada0bff5446c2f06c93ce40efdff69f0d75408df8dd4eb60ae6479631651dd7
tigervnc-debugsource-1.11.0-22.el9_0.13.aarch64.rpm SHA-256: 97e546ddd047330c9c06579777b81657e1cf1fbd1c4c8d749a9c4c85b4757409
tigervnc-icons-1.11.0-22.el9_0.13.noarch.rpm SHA-256: 294a62a4dc8375489690eac002eb43cb52c54154297396bacd7c5bcb5cb3469b
tigervnc-license-1.11.0-22.el9_0.13.noarch.rpm SHA-256: 9d276d303b83c0670644168b699dad1888f10a0685ea6e1760338b794ed1fce2
tigervnc-selinux-1.11.0-22.el9_0.13.noarch.rpm SHA-256: 0637e3e3791d2e94af2c67bd308d28f2aeb4f3bfee2d2a940a575af0fb90a58b
tigervnc-server-1.11.0-22.el9_0.13.aarch64.rpm SHA-256: e60f2a21eb6fc807f94533407b6f661fd952a03c47e4943507fc059cb6b054bf
tigervnc-server-debuginfo-1.11.0-22.el9_0.13.aarch64.rpm SHA-256: 76d8667d807f4245551d37b4bcdff3aec6c37b8d0d156ef7022afaec52fe1a3e
tigervnc-server-minimal-1.11.0-22.el9_0.13.aarch64.rpm SHA-256: 122fd2987ed64863a968d7283ad91f783c1db58c1cc777d695ae2341a479a775
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.13.aarch64.rpm SHA-256: 77faf99d3c931584e01561b7ee7667f92855209656ecbc77e65058239aed3900
tigervnc-server-module-1.11.0-22.el9_0.13.aarch64.rpm SHA-256: 405388e798c7fc19c7043931de808e765ae138089d988fdc0a19a5c7c687d39f
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.13.aarch64.rpm SHA-256: 8c3d66179c4de8f7c7c8cd62b185a2dbca5901f8f83577b76410c95c9ef53403

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0

SRPM
tigervnc-1.11.0-22.el9_0.13.src.rpm SHA-256: bacd81898fbfa07e04e3dd3c2a7af16f278680582ce3147fca195316aa3bfb48
s390x
tigervnc-1.11.0-22.el9_0.13.s390x.rpm SHA-256: 299b8bec2fceeb16e868478222096e2b7e14052dcfb1d57ef009313c75c03560
tigervnc-debuginfo-1.11.0-22.el9_0.13.s390x.rpm SHA-256: e26bdee26a9b537f597c27a67cb9f1937291053d1791616b783704a348793a1a
tigervnc-debugsource-1.11.0-22.el9_0.13.s390x.rpm SHA-256: 5de1f5dea7b7d9ba26391d44c28031446af32332e6c149201cc8745417a3a5f6
tigervnc-icons-1.11.0-22.el9_0.13.noarch.rpm SHA-256: 294a62a4dc8375489690eac002eb43cb52c54154297396bacd7c5bcb5cb3469b
tigervnc-license-1.11.0-22.el9_0.13.noarch.rpm SHA-256: 9d276d303b83c0670644168b699dad1888f10a0685ea6e1760338b794ed1fce2
tigervnc-selinux-1.11.0-22.el9_0.13.noarch.rpm SHA-256: 0637e3e3791d2e94af2c67bd308d28f2aeb4f3bfee2d2a940a575af0fb90a58b
tigervnc-server-1.11.0-22.el9_0.13.s390x.rpm SHA-256: b4a0cafb87e359939321d36b0fc66530504b6112f7acd02f92f5e18c48b3d0e7
tigervnc-server-debuginfo-1.11.0-22.el9_0.13.s390x.rpm SHA-256: 86dd25deaadfb89bbb1c7237c5758afa90f7b66924d59d3a673081f576ec7a24
tigervnc-server-minimal-1.11.0-22.el9_0.13.s390x.rpm SHA-256: f7a154223d58dc650d6fe48ebe069cb1f84e9f136bb96d4ba7cb18a91503812b
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.13.s390x.rpm SHA-256: 1aba6217114e0599950c962fe623bd0e31120a98c79f5226004b494a54d05c14
tigervnc-server-module-1.11.0-22.el9_0.13.s390x.rpm SHA-256: 4625cf772cea9ef2198eb6da49cfc6ba4c25270c4b5b5d80c3f3544c49210cc8
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.13.s390x.rpm SHA-256: 2e1e35592ddc8523516100a6ac2d866418806e64f44d159e86527d2a2cb71db8

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.