Red Hat Product Errata RHSA-2025:2880 - Security Advisory
Issued:
2025-03-17
Updated:
2025-03-17

RHSA-2025:2880 - Security Advisory

Synopsis

Important: tigervnc security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for tigervnc is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.

Security Fix(es):

  • X.Org: Xwayland: Use-after-free of the root cursor (CVE-2025-26594)
  • xorg: xwayland: Use-after-free in SyncInitTrigger() (CVE-2025-26601)
  • xorg: xwayland: Use-after-free in PlayReleasedEvents() (CVE-2025-26600)
  • xorg: xwayland: Use of uninitialized pointer in compRedirectWindow() (CVE-2025-26599)
  • xorg: xwayland: Out-of-bounds write in CreatePointerBarrierClient() (CVE-2025-26598)
  • xorg: xwayland: Buffer overflow in XkbChangeTypesOfKey() (CVE-2025-26597)
  • xorg: xwayland: Heap overflow in XkbWriteKeySyms() (CVE-2025-26596)
  • Xorg: xwayland: Buffer overflow in XkbVModMaskText() (CVE-2025-26595)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64

Fixes

  • BZ - 2345248 - CVE-2025-26594 X.Org: Xwayland: Use-after-free of the root cursor
  • BZ - 2345251 - CVE-2025-26601 xorg: xwayland: Use-after-free in SyncInitTrigger()
  • BZ - 2345252 - CVE-2025-26600 xorg: xwayland: Use-after-free in PlayReleasedEvents()
  • BZ - 2345253 - CVE-2025-26599 xorg: xwayland: Use of uninitialized pointer in compRedirectWindow()
  • BZ - 2345254 - CVE-2025-26598 xorg: xwayland: Out-of-bounds write in CreatePointerBarrierClient()
  • BZ - 2345255 - CVE-2025-26597 xorg: xwayland: Buffer overflow in XkbChangeTypesOfKey()
  • BZ - 2345256 - CVE-2025-26596 xorg: xwayland: Heap overflow in XkbWriteKeySyms()
  • BZ - 2345257 - CVE-2025-26595 Xorg: xwayland: Buffer overflow in XkbVModMaskText()

Red Hat Enterprise Linux Server - AUS 8.6

SRPM
tigervnc-1.12.0-6.el8_6.13.src.rpm SHA-256: ea730350d41ec58c22eff3ed70ae73c6f8c9d69bc19eb47c358cda801ecb6f09
x86_64
tigervnc-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: 32fc516467bf9827783a56efe2a24371fff611459f8d50bb81b285cdbb66886a
tigervnc-debuginfo-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: 1f7ffdc5f5d9f4a7467a351db97bcefa66636cab57917d8f52c6337758a71443
tigervnc-debugsource-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: 615e2d5a2a23829e329db3a1c2cd82129c051fb19899c13b7211bc2bbf5ea1f4
tigervnc-icons-1.12.0-6.el8_6.13.noarch.rpm SHA-256: 7ca70d39e0b8000708efdaf53abecd9f95bc9521c7f21ea3f28870653c0e4871
tigervnc-license-1.12.0-6.el8_6.13.noarch.rpm SHA-256: bb75f6a569cdc029d8ab63573a08e6d8b810af24d22cc97ceb04a72d371a45c7
tigervnc-selinux-1.12.0-6.el8_6.13.noarch.rpm SHA-256: cf3cc38f22418d42145b9a02dc1c96fa53384e712b78e447db41ba2c2dc72fa1
tigervnc-server-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: 7e146c121b6902e39b608c6970c100d69e0be92679005f6fb6cff61a0b6f8d0b
tigervnc-server-debuginfo-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: 6bd484f5e86ee19be2f2a6c646d789147319fd98c5e1d82006aed423d9ec4f40
tigervnc-server-minimal-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: 7ec8871426858380c91873353b645b7eb0174da74cc46c3d5ab3bd42408f9ca9
tigervnc-server-minimal-debuginfo-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: d331938a29004d7e71457830d26982468e14793990915adb6f8009e24260aa47
tigervnc-server-module-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: a6d9f8fbc124796b6d7cd441b43c814b26fa5f846a2e5ce5166677ec6eadfd57
tigervnc-server-module-debuginfo-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: db09a7778ae223ef72106b8bdec41cadb205f5f6e7f048fe4f08903c49f0b8eb

Red Hat Enterprise Linux Server - TUS 8.6

SRPM
tigervnc-1.12.0-6.el8_6.13.src.rpm SHA-256: ea730350d41ec58c22eff3ed70ae73c6f8c9d69bc19eb47c358cda801ecb6f09
x86_64
tigervnc-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: 32fc516467bf9827783a56efe2a24371fff611459f8d50bb81b285cdbb66886a
tigervnc-debuginfo-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: 1f7ffdc5f5d9f4a7467a351db97bcefa66636cab57917d8f52c6337758a71443
tigervnc-debugsource-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: 615e2d5a2a23829e329db3a1c2cd82129c051fb19899c13b7211bc2bbf5ea1f4
tigervnc-icons-1.12.0-6.el8_6.13.noarch.rpm SHA-256: 7ca70d39e0b8000708efdaf53abecd9f95bc9521c7f21ea3f28870653c0e4871
tigervnc-license-1.12.0-6.el8_6.13.noarch.rpm SHA-256: bb75f6a569cdc029d8ab63573a08e6d8b810af24d22cc97ceb04a72d371a45c7
tigervnc-selinux-1.12.0-6.el8_6.13.noarch.rpm SHA-256: cf3cc38f22418d42145b9a02dc1c96fa53384e712b78e447db41ba2c2dc72fa1
tigervnc-server-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: 7e146c121b6902e39b608c6970c100d69e0be92679005f6fb6cff61a0b6f8d0b
tigervnc-server-debuginfo-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: 6bd484f5e86ee19be2f2a6c646d789147319fd98c5e1d82006aed423d9ec4f40
tigervnc-server-minimal-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: 7ec8871426858380c91873353b645b7eb0174da74cc46c3d5ab3bd42408f9ca9
tigervnc-server-minimal-debuginfo-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: d331938a29004d7e71457830d26982468e14793990915adb6f8009e24260aa47
tigervnc-server-module-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: a6d9f8fbc124796b6d7cd441b43c814b26fa5f846a2e5ce5166677ec6eadfd57
tigervnc-server-module-debuginfo-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: db09a7778ae223ef72106b8bdec41cadb205f5f6e7f048fe4f08903c49f0b8eb

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6

SRPM
tigervnc-1.12.0-6.el8_6.13.src.rpm SHA-256: ea730350d41ec58c22eff3ed70ae73c6f8c9d69bc19eb47c358cda801ecb6f09
ppc64le
tigervnc-1.12.0-6.el8_6.13.ppc64le.rpm SHA-256: b0db3becc7f7b07f2cd0d50e1f9b53e27eb2b8240a74f6a3427a9874795fe833
tigervnc-debuginfo-1.12.0-6.el8_6.13.ppc64le.rpm SHA-256: bdcc494ccceca9c7d9dea04d38e809b7592e256b8231a26f67446575d9552b7d
tigervnc-debugsource-1.12.0-6.el8_6.13.ppc64le.rpm SHA-256: f3dd585fc1b5abea410f6637b53ce631be79bfbf35048fd3a81d5520ff3a87e2
tigervnc-icons-1.12.0-6.el8_6.13.noarch.rpm SHA-256: 7ca70d39e0b8000708efdaf53abecd9f95bc9521c7f21ea3f28870653c0e4871
tigervnc-license-1.12.0-6.el8_6.13.noarch.rpm SHA-256: bb75f6a569cdc029d8ab63573a08e6d8b810af24d22cc97ceb04a72d371a45c7
tigervnc-selinux-1.12.0-6.el8_6.13.noarch.rpm SHA-256: cf3cc38f22418d42145b9a02dc1c96fa53384e712b78e447db41ba2c2dc72fa1
tigervnc-server-1.12.0-6.el8_6.13.ppc64le.rpm SHA-256: 7a90332c1efc226683a2d4379fa075c22542c520e087b14f60f9c6a5c34cb75a
tigervnc-server-debuginfo-1.12.0-6.el8_6.13.ppc64le.rpm SHA-256: 10724167489ae437e79a1b9284a50b0280e7144b848d304982b4116f6501f8ff
tigervnc-server-minimal-1.12.0-6.el8_6.13.ppc64le.rpm SHA-256: 24d620a8467afc4f6478da628f7114db74d33d53220b2bd7c4bbcb426cb4f79f
tigervnc-server-minimal-debuginfo-1.12.0-6.el8_6.13.ppc64le.rpm SHA-256: 81853d0d37b4ac316a625d88aaa4ec4caf7dea4b371d80311351ce5d7cd32865
tigervnc-server-module-1.12.0-6.el8_6.13.ppc64le.rpm SHA-256: dba7794ec828244115992e801a1636150c37e612a7900454c194779cfe04324e
tigervnc-server-module-debuginfo-1.12.0-6.el8_6.13.ppc64le.rpm SHA-256: aa29746dc9fb3b2eb20c5ed88873377be4ec1802f0af902ee6fc9f97572575c3

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

SRPM
tigervnc-1.12.0-6.el8_6.13.src.rpm SHA-256: ea730350d41ec58c22eff3ed70ae73c6f8c9d69bc19eb47c358cda801ecb6f09
x86_64
tigervnc-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: 32fc516467bf9827783a56efe2a24371fff611459f8d50bb81b285cdbb66886a
tigervnc-debuginfo-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: 1f7ffdc5f5d9f4a7467a351db97bcefa66636cab57917d8f52c6337758a71443
tigervnc-debugsource-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: 615e2d5a2a23829e329db3a1c2cd82129c051fb19899c13b7211bc2bbf5ea1f4
tigervnc-icons-1.12.0-6.el8_6.13.noarch.rpm SHA-256: 7ca70d39e0b8000708efdaf53abecd9f95bc9521c7f21ea3f28870653c0e4871
tigervnc-license-1.12.0-6.el8_6.13.noarch.rpm SHA-256: bb75f6a569cdc029d8ab63573a08e6d8b810af24d22cc97ceb04a72d371a45c7
tigervnc-selinux-1.12.0-6.el8_6.13.noarch.rpm SHA-256: cf3cc38f22418d42145b9a02dc1c96fa53384e712b78e447db41ba2c2dc72fa1
tigervnc-server-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: 7e146c121b6902e39b608c6970c100d69e0be92679005f6fb6cff61a0b6f8d0b
tigervnc-server-debuginfo-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: 6bd484f5e86ee19be2f2a6c646d789147319fd98c5e1d82006aed423d9ec4f40
tigervnc-server-minimal-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: 7ec8871426858380c91873353b645b7eb0174da74cc46c3d5ab3bd42408f9ca9
tigervnc-server-minimal-debuginfo-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: d331938a29004d7e71457830d26982468e14793990915adb6f8009e24260aa47
tigervnc-server-module-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: a6d9f8fbc124796b6d7cd441b43c814b26fa5f846a2e5ce5166677ec6eadfd57
tigervnc-server-module-debuginfo-1.12.0-6.el8_6.13.x86_64.rpm SHA-256: db09a7778ae223ef72106b8bdec41cadb205f5f6e7f048fe4f08903c49f0b8eb

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.