[Apollo] Advisories Statistics light light Login

RLSA-2025:2500

Security Mirrored from RHSA-2025:2500
Issued at: 2025-05-07
Updated at: 2025-05-07

Synopsis

Important: tigervnc security update



Description

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.

Security Fix(es):

* X.Org: Xwayland: Use-after-free of the root cursor (CVE-2025-26594)

* xorg: xwayland: Use-after-free in SyncInitTrigger() (CVE-2025-26601)

* xorg: xwayland: Use-after-free in PlayReleasedEvents() (CVE-2025-26600)

* xorg: xwayland: Use of uninitialized pointer in compRedirectWindow() (CVE-2025-26599)

* xorg: xwayland: Out-of-bounds write in CreatePointerBarrierClient() (CVE-2025-26598)

* xorg: xwayland: Buffer overflow in XkbChangeTypesOfKey() (CVE-2025-26597)

* xorg: xwayland: Heap overflow in XkbWriteKeySyms() (CVE-2025-26596)

* Xorg: xwayland: Buffer overflow in XkbVModMaskText() (CVE-2025-26595)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 9 aarch64 Rocky Linux 9 ppc64le Rocky Linux 9 s390x Rocky Linux 9 x86_64

Fixes

2345248 2345251 2345252 2345253 2345254 2345255 2345256 2345257

CVEs

CVE-2025-26594 CVE-2025-26595 CVE-2025-26596 CVE-2025-26597 CVE-2025-26598 CVE-2025-26599 CVE-2025-26600 CVE-2025-26601

Affected packages

Rocky Linux 9 aarch64 - AppStream

tigervnc-0:1.14.1-1.el9_5.1.aarch64.rpm tigervnc-0:1.14.1-1.el9_5.1.src.rpm tigervnc-debuginfo-0:1.14.1-1.el9_5.1.aarch64.rpm tigervnc-debugsource-0:1.14.1-1.el9_5.1.aarch64.rpm tigervnc-icons-0:1.14.1-1.el9_5.1.noarch.rpm tigervnc-license-0:1.14.1-1.el9_5.1.noarch.rpm tigervnc-selinux-0:1.14.1-1.el9_5.1.noarch.rpm tigervnc-server-0:1.14.1-1.el9_5.1.aarch64.rpm tigervnc-server-debuginfo-0:1.14.1-1.el9_5.1.aarch64.rpm tigervnc-server-minimal-0:1.14.1-1.el9_5.1.aarch64.rpm tigervnc-server-minimal-debuginfo-0:1.14.1-1.el9_5.1.aarch64.rpm tigervnc-server-module-0:1.14.1-1.el9_5.1.aarch64.rpm tigervnc-server-module-debuginfo-0:1.14.1-1.el9_5.1.aarch64.rpm

Rocky Linux 9 ppc64le - AppStream

tigervnc-0:1.14.1-1.el9_5.1.ppc64le.rpm tigervnc-0:1.14.1-1.el9_5.1.src.rpm tigervnc-debuginfo-0:1.14.1-1.el9_5.1.ppc64le.rpm tigervnc-debugsource-0:1.14.1-1.el9_5.1.ppc64le.rpm tigervnc-icons-0:1.14.1-1.el9_5.1.noarch.rpm tigervnc-license-0:1.14.1-1.el9_5.1.noarch.rpm tigervnc-selinux-0:1.14.1-1.el9_5.1.noarch.rpm tigervnc-server-0:1.14.1-1.el9_5.1.ppc64le.rpm tigervnc-server-debuginfo-0:1.14.1-1.el9_5.1.ppc64le.rpm tigervnc-server-minimal-0:1.14.1-1.el9_5.1.ppc64le.rpm tigervnc-server-minimal-debuginfo-0:1.14.1-1.el9_5.1.ppc64le.rpm tigervnc-server-module-0:1.14.1-1.el9_5.1.ppc64le.rpm tigervnc-server-module-debuginfo-0:1.14.1-1.el9_5.1.ppc64le.rpm

Rocky Linux 9 s390x - AppStream

tigervnc-0:1.14.1-1.el9_5.1.s390x.rpm tigervnc-0:1.14.1-1.el9_5.1.src.rpm tigervnc-debuginfo-0:1.14.1-1.el9_5.1.s390x.rpm tigervnc-debugsource-0:1.14.1-1.el9_5.1.s390x.rpm tigervnc-icons-0:1.14.1-1.el9_5.1.noarch.rpm tigervnc-license-0:1.14.1-1.el9_5.1.noarch.rpm tigervnc-selinux-0:1.14.1-1.el9_5.1.noarch.rpm tigervnc-server-0:1.14.1-1.el9_5.1.s390x.rpm tigervnc-server-debuginfo-0:1.14.1-1.el9_5.1.s390x.rpm tigervnc-server-minimal-0:1.14.1-1.el9_5.1.s390x.rpm tigervnc-server-minimal-debuginfo-0:1.14.1-1.el9_5.1.s390x.rpm tigervnc-server-module-0:1.14.1-1.el9_5.1.s390x.rpm tigervnc-server-module-debuginfo-0:1.14.1-1.el9_5.1.s390x.rpm

Rocky Linux 9 x86_64 - AppStream

tigervnc-0:1.14.1-1.el9_5.1.src.rpm tigervnc-0:1.14.1-1.el9_5.1.x86_64.rpm tigervnc-debuginfo-0:1.14.1-1.el9_5.1.x86_64.rpm tigervnc-debugsource-0:1.14.1-1.el9_5.1.x86_64.rpm tigervnc-icons-0:1.14.1-1.el9_5.1.noarch.rpm tigervnc-license-0:1.14.1-1.el9_5.1.noarch.rpm tigervnc-selinux-0:1.14.1-1.el9_5.1.noarch.rpm tigervnc-server-0:1.14.1-1.el9_5.1.x86_64.rpm tigervnc-server-debuginfo-0:1.14.1-1.el9_5.1.x86_64.rpm tigervnc-server-minimal-0:1.14.1-1.el9_5.1.x86_64.rpm tigervnc-server-minimal-debuginfo-0:1.14.1-1.el9_5.1.x86_64.rpm tigervnc-server-module-0:1.14.1-1.el9_5.1.x86_64.rpm tigervnc-server-module-debuginfo-0:1.14.1-1.el9_5.1.x86_64.rpm