ALSA-2026:10739

[ALSA-2026:10739] Important: tigervnc security update

Type:

security

Severity:

important

Release date:

2026-04-28

Description:

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.  

Security Fix(es):  

  * xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling (CVE-2026-33999)
  * xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption (CVE-2026-34001)
  * xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access (CVE-2026-34003)
  * TigerVNC: x0vncserver: TigerVNC x0vncserver: Information disclosure, data manipulation, and denial of service via incorrect permissions (CVE-2026-34352)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	tigervnc-server-1.15.0-6.el9_7.1.aarch64.rpm	0f1038189caec19478b639cc887c99d467d336a1b705d5e61fe9392577744a45
aarch64	tigervnc-server-minimal-1.15.0-6.el9_7.1.aarch64.rpm	affaecce4d575d41546393072e2bb78e3463e4117589850f96e949cd967f8a19
aarch64	tigervnc-server-module-1.15.0-6.el9_7.1.aarch64.rpm	d8ac5bcd8585586dcdf911b3573bb6cd61693d70909ff947f6e1e6ae762b6adb
aarch64	tigervnc-1.15.0-6.el9_7.1.aarch64.rpm	e09eb2b33e45da829527b328bb1d48b47d79dc16d9d8e6ef60dfc2d5cf31c9c0
noarch	tigervnc-license-1.15.0-6.el9_7.1.noarch.rpm	005a38e72a0b9894aa19c3c034f42447a4073f5f9b3ad8b87841ded9c8de8647
noarch	tigervnc-selinux-1.15.0-6.el9_7.1.noarch.rpm	1fd83a9aeafe3d2b0e2ce13bf6ec681a0ee8cfc847001cc628bd8105138c5560
noarch	tigervnc-icons-1.15.0-6.el9_7.1.noarch.rpm	40aef8541922e405fe3a7aab99933f17fc446a5e1226353e25fe1f359bd5f760
ppc64le	tigervnc-server-minimal-1.15.0-6.el9_7.1.ppc64le.rpm	789a8c7ab7e5f58f9bd8345040b9e181f30d51c9af115cf65a1c29774f92b234
ppc64le	tigervnc-server-module-1.15.0-6.el9_7.1.ppc64le.rpm	9ddf40f453f3cb3d92ec4a083c6534690f190737a1038b51d255f0e8b4b98780
ppc64le	tigervnc-server-1.15.0-6.el9_7.1.ppc64le.rpm	dc0dc691998dd87f073cb86997f6d12297eda5b229b668b60cd2232ff42237d4
ppc64le	tigervnc-1.15.0-6.el9_7.1.ppc64le.rpm	e4cb47dbbddfd5325501f2caee25c14dc054c21b0cfe8feec34366cb6fc0a986
s390x	tigervnc-server-minimal-1.15.0-6.el9_7.1.s390x.rpm	0705800e655a88b594eebe36817a0ee6012103909cafb7db3b1201c2f402e857
s390x	tigervnc-1.15.0-6.el9_7.1.s390x.rpm	2d186bc988931bca171ee59be1a0a580a2fe72301503930bfaeb7db1c423fa48
s390x	tigervnc-server-module-1.15.0-6.el9_7.1.s390x.rpm	5ab63f3cc292e066c7c032dec56717f8e0f13fc76e2761146e46bf8fd1487b65
s390x	tigervnc-server-1.15.0-6.el9_7.1.s390x.rpm	c1e7d0e50660f3ec312bbb6472dcaea4ee21984584f15d804868f88149ed78b4
x86_64	tigervnc-server-minimal-1.15.0-6.el9_7.1.x86_64.rpm	07a4a8f1a8b2c3fd57da96dd36c393a9ad0111fc6b5cfdf0d41a245bc9d58b50
x86_64	tigervnc-1.15.0-6.el9_7.1.x86_64.rpm	19edbe2527d17651b7ae7ac04ddebf35d9ae72fbb917d94d3d3448e01adf7bca
x86_64	tigervnc-server-1.15.0-6.el9_7.1.x86_64.rpm	c8ba922e72bd42ceeedaf5f2e695bc7a9f2a7b2d9b77393c85178015cefe2c5b
x86_64	tigervnc-server-module-1.15.0-6.el9_7.1.x86_64.rpm	dd793b5631ca9f5da003028a0138e1e71af9641b074641fbc89aefa44f3f6354

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.