ALSA-2026:19342

[ALSA-2026:19342] Important: tigervnc security update

Type:

security

Severity:

important

Release date:

2026-06-24

Description:

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.  

Security Fix(es):  

  * xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling (CVE-2026-33999)
  * xwayland: xorg: X.Org X server: Information disclosure and denial of service via out-of-bounds read in XKB geometry processing. (CVE-2026-34000)
  * xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption (CVE-2026-34001)
  * xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access (CVE-2026-34003)
  * TigerVNC: x0vncserver: TigerVNC x0vncserver: Information disclosure, data manipulation, and denial of service via incorrect permissions (CVE-2026-34352)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	tigervnc-server-module-1.15.0-7.el9_8.1.aarch64.rpm	330ff33e65feaf8bd6db15570e194ae6d5542073834f4f5d7fcbf4e682ed1e67
aarch64	tigervnc-server-1.15.0-7.el9_8.1.aarch64.rpm	63c9ff9bd7d5d0e4cea27de547d8994c3e21f59b837880ef4fdd5d9d5ca6085b
aarch64	tigervnc-server-minimal-1.15.0-7.el9_8.1.aarch64.rpm	6bce7ce859a1a70304896064735725155bff601b73d25dac55ee5b6de1fed9de
aarch64	tigervnc-1.15.0-7.el9_8.1.aarch64.rpm	99b1e2586ad50f3bee3fb367d173008028a1c197969923cb34cece3a0c2154cd
noarch	tigervnc-icons-1.15.0-7.el9_8.1.noarch.rpm	204dc02b0092c43fea77222b15f9ddd4c77b8c72beef2e9073b0c24894adcc08
noarch	tigervnc-license-1.15.0-7.el9_8.1.noarch.rpm	672089a8fee58da2e35ca630c893fd3e167a9eb513d9f6e54ffd88b4e0153082
noarch	tigervnc-selinux-1.15.0-7.el9_8.1.noarch.rpm	ae1ca1cabd7da66c8cd0aba66e2ac735b06b37092ae2419168c3952db5fccd49
ppc64le	tigervnc-1.15.0-7.el9_8.1.ppc64le.rpm	3bf585769b18c200e041615c27babbb414c9ba9757c61380096c16beea2efb0a
ppc64le	tigervnc-server-1.15.0-7.el9_8.1.ppc64le.rpm	a505e5ae24a6f9f7fbec9667cdefc1c2a668de169ab7ea2a58ce7f0564b743bf
ppc64le	tigervnc-server-minimal-1.15.0-7.el9_8.1.ppc64le.rpm	a67a520b53f45fb95d4a1b897bfaf1c13293031ac02a4e51c43944fe1be90635
ppc64le	tigervnc-server-module-1.15.0-7.el9_8.1.ppc64le.rpm	c523a8c8c15c8eb7ed59c987b4863059a6ffc088a005f15522f0d47b3f12e050
s390x	tigervnc-server-1.15.0-7.el9_8.1.s390x.rpm	347229b5853ec246532d9cdee9555036fe02f653c3514943857828e4be70202e
s390x	tigervnc-server-minimal-1.15.0-7.el9_8.1.s390x.rpm	c63bd9f61e906ba5131fd57a3e07a782a622284fcaf90d21483bdfbf96f9f2bf
s390x	tigervnc-server-module-1.15.0-7.el9_8.1.s390x.rpm	e8387cc6cf3c69ec72c6700452825989ae0150fe5cebf5a5c717d77ad10e9a50
s390x	tigervnc-1.15.0-7.el9_8.1.s390x.rpm	f5a0a34c7101e23843b8db8735b7819b688965c90ccfc1997badf557a36c90d4
x86_64	tigervnc-server-module-1.15.0-7.el9_8.1.x86_64.rpm	141cd55fdf20de9f4e9992f76355304e414bd41c37794c7d110232056cbb4ae3
x86_64	tigervnc-server-minimal-1.15.0-7.el9_8.1.x86_64.rpm	6e675a3edf10024a9bd7a2dd3c0bf9cbf7bf80de8255e068cb12bd7d08b32a27
x86_64	tigervnc-1.15.0-7.el9_8.1.x86_64.rpm	a32f9eedb2630a6015d4ad3b05a7938ea623d28bfe47aae4bc3488976ed20cc1
x86_64	tigervnc-server-1.15.0-7.el9_8.1.x86_64.rpm	b6de7cc9ac5fd95dad0b164cfda74729dfff4a3ed60e86bbaa4a4bc68c864154

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.