ALSA-2026:28923

[ALSA-2026:28923] Important: tigervnc security update

Type:

security

Severity:

important

Release date:

2026-06-24

Description:

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.  

Security Fix(es):  

  * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch (CVE-2026-50256)
  * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence() (CVE-2026-50257)
  * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB key types due to unchecked shift levels (CVE-2026-50258)
  * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing (CVE-2026-50259)
  * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter() (CVE-2026-50260)
  * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter() (CVE-2026-50261)
  * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds read/write in GLX ChangeDrawableAttributes (CVE-2026-50262)
  * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free information disclosure in CreateSaverWindow() (CVE-2026-50263)
  * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds heap write in DRI2 DRIGetBuffers/DRIGetBuffersWithFormat (CVE-2026-50264)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	tigervnc-server-minimal-1.15.0-10.el8_10.aarch64.rpm	2e5d4b018aaf62426f907ca0bfc128b9fe034aeeb759a5be763c6d0bdbb77a40
aarch64	tigervnc-server-1.15.0-10.el8_10.aarch64.rpm	7618ef7f259a93f68ad1de377aa33b90a0c4e2e4822d28174414aed72fe72f3f
aarch64	tigervnc-server-module-1.15.0-10.el8_10.aarch64.rpm	8e715b13978a65c6633516c940d3fa2c23847cb60108e2b4a10350ea281ba6e8
aarch64	tigervnc-1.15.0-10.el8_10.aarch64.rpm	b8ff84c35ff12ec18a45c92276c41e17b9dc5cc19d2eb78110f4ea4e2f1e7de3
noarch	tigervnc-icons-1.15.0-10.el8_10.noarch.rpm	670a469020a0662409e186753b0f1b0b0ea765f23a05a77bbbb5a37c3b8c9fbd
noarch	tigervnc-license-1.15.0-10.el8_10.noarch.rpm	9a2316474e285857b7133f601b237b893cf07be97eb65b805dc6a8eb1cc7aeaa
noarch	tigervnc-selinux-1.15.0-10.el8_10.noarch.rpm	a447ec7939b8a9167aa6cd24e942134c89d0cbe9f2ca65e006c019d643dc2136
ppc64le	tigervnc-1.15.0-10.el8_10.ppc64le.rpm	9bdc49a651d0bce2010a810c482776d983db215a0674d979b885f1cd8c5f2ae9
ppc64le	tigervnc-server-minimal-1.15.0-10.el8_10.ppc64le.rpm	ac8f2a652a2e9b28ae11b5202bd4f0b88ee4c39d72acd670641c338be18b0cec
ppc64le	tigervnc-server-1.15.0-10.el8_10.ppc64le.rpm	b03274de6c7b8ad2224cc487e50e5c91877536c85bfbc162db9e5f50e1eec7c1
ppc64le	tigervnc-server-module-1.15.0-10.el8_10.ppc64le.rpm	edddf545117b71379f6e4ffc5365e48305d6cc4a17138b9e19d639a4ec847edb
s390x	tigervnc-server-module-1.15.0-10.el8_10.s390x.rpm	1a138923a672925319936c6b3dc5632cc90bdab0e858e5684b4afa637b05b78c
s390x	tigervnc-server-minimal-1.15.0-10.el8_10.s390x.rpm	7dab2f9d9c0df5792215af144802b6869fcd71033eb604e617516dde861a4009
s390x	tigervnc-server-1.15.0-10.el8_10.s390x.rpm	b8aa40688458b403a25524fc621f5c6a9769356d5cc430d09433ac9670fb0751
s390x	tigervnc-1.15.0-10.el8_10.s390x.rpm	fe3fbe6a6b7318e1a3fa0dad1bb285a462f2c364ab1818111e1d8e64bb6fafb0
x86_64	tigervnc-1.15.0-10.el8_10.x86_64.rpm	74f44cbee978a30de2af34597e6fe47a60140f65a29b90409bb1674f82f3083e
x86_64	tigervnc-server-minimal-1.15.0-10.el8_10.x86_64.rpm	7c59e229f46b469b35517a0cd4feed88d025aa91e18f04abcee0e76cdbd0ed2a
x86_64	tigervnc-server-module-1.15.0-10.el8_10.x86_64.rpm	98088284d6dcd05c6ee3725d632a1a686b9951c150daba5e576a42582c9e070a
x86_64	tigervnc-server-1.15.0-10.el8_10.x86_64.rpm	c0a2debae36ac259e8ff24b3e43833a07318e5e7c3cb80f3c1b4797af887c167

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.