ALSA-2025:9392

[ALSA-2025:9392] Important: tigervnc security update

Type:

security

Severity:

important

Release date:

2025-07-03

Description:

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.  

Security Fix(es):  

  * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors (CVE-2025-49175)
  * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in Big Requests Extension (CVE-2025-49176)
  * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore (CVE-2025-49178)
  * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer overflow in X Record extension (CVE-2025-49179)
  * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in X Resize, Rotate and Reflect (RandR) Extension (CVE-2025-49180)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	tigervnc-server-1.15.0-7.el8_10.aarch64.rpm	02a2db095602fc2747fad6410d55553b0a62343f2988fd6f4068187020489af4
aarch64	tigervnc-server-module-1.15.0-7.el8_10.aarch64.rpm	067780c2132ae2819a7ce7a67128f59a377661214ebc3f69b390e1033c4435dd
aarch64	tigervnc-1.15.0-7.el8_10.aarch64.rpm	3abe08b1a0dc81f1fa42385b89a9878df80a965ac2ac84850b3478ff38d75301
aarch64	tigervnc-server-minimal-1.15.0-7.el8_10.aarch64.rpm	9515ed289c40fe9843151dae0202280dfde71bb4fd7d95bfa9f99da9b9229bb3
noarch	tigervnc-selinux-1.15.0-7.el8_10.noarch.rpm	94e5261f745334ef10f02f40c51932b0872bee49cdfacb3e96e0a373e1bf8097
noarch	tigervnc-license-1.15.0-7.el8_10.noarch.rpm	aab7395fe072615eba486b8a37400d00c25053e67fe12f53a267884336340c51
noarch	tigervnc-icons-1.15.0-7.el8_10.noarch.rpm	fcb641c782b06223bf9edd1ce3a6d1f0b8927553c2c11c2d159c1f3ecf784e3d
ppc64le	tigervnc-1.15.0-7.el8_10.ppc64le.rpm	0d4664965de6e769788ffbc224661f19c586f586983c1a2c3291440473ca8170
ppc64le	tigervnc-server-module-1.15.0-7.el8_10.ppc64le.rpm	2faae525ac5d73a8de970dc2aa01a48747d69050afaf856d35bf47d7de096e83
ppc64le	tigervnc-server-1.15.0-7.el8_10.ppc64le.rpm	a199f060b29964ea5db49cced14affa660d63c262400b653ae5a43c43c0e4e0e
ppc64le	tigervnc-server-minimal-1.15.0-7.el8_10.ppc64le.rpm	da34edfd5a14efb6776faa54a1704385a892ebe53120f63541a0e657316bc86f
s390x	tigervnc-server-module-1.15.0-7.el8_10.s390x.rpm	97b988b7f97ca1a562d8690d8fa5e3e40190ee72bc2f61180dacb20c25add30d
s390x	tigervnc-server-1.15.0-7.el8_10.s390x.rpm	cdaa79b94bf252ce960f1e7e15db405fc0e96edc5e09ed73a1032b105e724f3a
s390x	tigervnc-server-minimal-1.15.0-7.el8_10.s390x.rpm	e6c46c29e10b022c30ec0c5ba9dee6fa881bba10b886ea5d7102e0c68809c4df
s390x	tigervnc-1.15.0-7.el8_10.s390x.rpm	f1e63429dd08ee863a2c5589140ee2ec22d8656e4d084b9c839cdbbd4b30a190
x86_64	tigervnc-server-1.15.0-7.el8_10.x86_64.rpm	3a09bb6d1a5f373c2c4290ffa2a20640b14602bb9cfda03d44bb63f89abc71b8
x86_64	tigervnc-server-module-1.15.0-7.el8_10.x86_64.rpm	8c5fbb37fa124fa888caf0adf33a9be07eb761cfd299eea4778b0b4c8a46a394
x86_64	tigervnc-1.15.0-7.el8_10.x86_64.rpm	d824402d87d3979f78c0ed8d897f4dcab015a0fe604d478dfb23c7fc982292bb
x86_64	tigervnc-server-minimal-1.15.0-7.el8_10.x86_64.rpm	ecd60940e77f63181c97419006b0983a7306e0cfe20d63dbe8477a5543060d1c

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.