ALSA-2025:9306

[ALSA-2025:9306] Important: tigervnc security update

Type:

security

Severity:

important

Release date:

2025-07-03

Description:

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.  

Security Fix(es):  

  * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors (CVE-2025-49175)
  * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in Big Requests Extension (CVE-2025-49176)
  * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore (CVE-2025-49178)
  * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer overflow in X Record extension (CVE-2025-49179)
  * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in X Resize, Rotate and Reflect (RandR) Extension (CVE-2025-49180)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	tigervnc-server-module-1.14.1-8.el9_6.aarch64.rpm	1a4d89c37d0627d96fd42b90c8fe62181f576b1f8f6929b10c69433c3f9ccc5b
aarch64	tigervnc-1.14.1-8.el9_6.aarch64.rpm	8b1d6bcfa52170706e3bf7b6abdc6c2683f96397340e55a97e77d7245216d6c4
aarch64	tigervnc-server-minimal-1.14.1-8.el9_6.aarch64.rpm	b0f3d0a00424b53b5767415e5d50eb1eb8e07388d96b031728e0f04f7563a184
aarch64	tigervnc-server-1.14.1-8.el9_6.aarch64.rpm	dfe33d9c1c252220ec09ed9842dd7bb1454fe5a8f8a1ba2c74d19d0d3060d8b7
noarch	tigervnc-selinux-1.14.1-8.el9_6.noarch.rpm	039326d5ebb4a47a17c6fdc8eeeaca51ee86bbc98affca4ffe8417c429d1c96b
noarch	tigervnc-icons-1.14.1-8.el9_6.noarch.rpm	03f28159cba9a5972244944cb5ed1ba33362e120a279fb44bd86b94babfedb7c
noarch	tigervnc-license-1.14.1-8.el9_6.noarch.rpm	f626d756050528a683217a3547fec95fbb422dca31be312a009bf2447f6258e2
ppc64le	tigervnc-server-minimal-1.14.1-8.el9_6.ppc64le.rpm	177ce91d010d97ecdf802aadd8573f75a14f6da377f80e7052e76d1893b9b5cf
ppc64le	tigervnc-server-module-1.14.1-8.el9_6.ppc64le.rpm	c5f9656c6ec27f7511c248b00e489b2f0eab1e9a59bb8beb876876706700fe06
ppc64le	tigervnc-server-1.14.1-8.el9_6.ppc64le.rpm	e6c394c582cc71647a1b734c58cca9253b3be710a4a103638d551d87abf533c0
ppc64le	tigervnc-1.14.1-8.el9_6.ppc64le.rpm	ee001466c39957663551e6e1956e68e1c55132de5794095ba0b2193a97aaca5c
s390x	tigervnc-server-1.14.1-8.el9_6.s390x.rpm	098ba2b3827e3df81a2518a976d59d648a5d71fea7471def6e0edfa89549f809
s390x	tigervnc-1.14.1-8.el9_6.s390x.rpm	386ef660f66615472b7c6993ddde52272a62b768afeb8b2da7f774840f0dacda
s390x	tigervnc-server-module-1.14.1-8.el9_6.s390x.rpm	79a85fcae2cdcebf5e3cb2e178f9d782dccb627afcfe9f84ddfd9e8508973e70
s390x	tigervnc-server-minimal-1.14.1-8.el9_6.s390x.rpm	c85f59a32e3d0a7496976b4b00e9488bf2a7d1e393ce62550a04b38b976dd6d5
x86_64	tigervnc-server-minimal-1.14.1-8.el9_6.x86_64.rpm	0bb3ee5c67c77f174c6b1114fb162fb760aa7adbb6668cebca73616cd65eadd7
x86_64	tigervnc-server-module-1.14.1-8.el9_6.x86_64.rpm	3804e2d0959798ddfd399994eb57f4b4e0ded7d851ccdea726c71678f0e2747b
x86_64	tigervnc-server-1.14.1-8.el9_6.x86_64.rpm	89debf2ab605918504b2c122d5f18a3745da6f0ce8eebc4af3375066742ebf3a
x86_64	tigervnc-1.14.1-8.el9_6.x86_64.rpm	a2f6d1e2f89fa37768eaacbe0670368546c5714930fffa905890a5d9b8af3b64

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.