ELSA-2025-2500

ELSA-2025-2500 - tigervnc security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2025-03-10

Description

[1.14.1-1.1]
- Fix CVE-2025-26594 xorg-x11-server Use-after-free of the root cursor
Resolves: RHEL-79406
- Fix CVE-2025-26595 xorg-x11-server Buffer overflow in XkbVModMaskText()
Resolves: RHEL-80018
- Fix CVE-2025-26596 xorg-x11-server Heap overflow in XkbWriteKeySyms()
Resolves: RHEL-79391
- Fix CVE-2025-26597 xorg-x11-server Buffer overflow in XkbChangeTypesOfKey()
Resolves: RHEL-80029
- Fix CVE-2025-26598 xorg-x11-server Out-of-bounds write in CreatePointerBarrierClient()
Resolves: RHEL-79374
- Fix CVE-2025-26599 xorg-x11-server Use of uninitialized pointer in compRedirectWindow()
Resolves: RHEL-80043
- Fix CVE-2025-26600 xorg-x11-server Use-after-free in PlayReleasedEvents()
Resolves: RHEL-80037
- Fix CVE-2025-26601 xorg-x11-server Use-after-free in SyncInitTrigger()
Resolves: RHEL-79353

Related CVEs

CVE-2025-26596

CVE-2025-26599

CVE-2025-26601

CVE-2025-26598

CVE-2025-26597

CVE-2025-26594

CVE-2025-26600

CVE-2025-26595

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 9 (aarch64)	tigervnc-1.14.1-1.el9_5.1.src.rpm	c211dd62dd55e67a8769b14b7c6d19f06909ce5bfded8cf1d3c16d6d4489aa7b	-	ol9_aarch64_appstream
	tigervnc-1.14.1-1.el9_5.1.aarch64.rpm	064f4f4e4bb8af4747dad98ab6f4103fa06a3134493e4510188c2b35681f3c78	-	ol9_aarch64_appstream
	tigervnc-icons-1.14.1-1.el9_5.1.noarch.rpm	03fc90fb8df27ad6af97876fd8bd34d00a83d82f122c190b787ddbc2b0cac818	-	ol9_aarch64_appstream
	tigervnc-license-1.14.1-1.el9_5.1.noarch.rpm	94215e8d21c4ff44b0b82629b54a08210de3404e5c4bd3dba7847a065f566034	-	ol9_aarch64_appstream
	tigervnc-selinux-1.14.1-1.el9_5.1.noarch.rpm	3006841b283e7db2ebbf19019cda89e3f6df8ea51eafc7327ee708ac04d3b26c	-	ol9_aarch64_appstream
	tigervnc-server-1.14.1-1.el9_5.1.aarch64.rpm	0c82caad941a5acfc819045f1becb4e82d41d4cf35834f72bcc7ec7c555fc258	-	ol9_aarch64_appstream
	tigervnc-server-minimal-1.14.1-1.el9_5.1.aarch64.rpm	87735f19e1972573938823a81f49eb8d0229c3796a14a0fdb51b3c87ec442a69	-	ol9_aarch64_appstream
	tigervnc-server-module-1.14.1-1.el9_5.1.aarch64.rpm	52aa009439485fa109823f8a0abec0e4f505876308ffe59fdfdb42f34fc0670f	-	ol9_aarch64_appstream
Oracle Linux 9 (x86_64)	tigervnc-1.14.1-1.el9_5.1.src.rpm	c211dd62dd55e67a8769b14b7c6d19f06909ce5bfded8cf1d3c16d6d4489aa7b	-	ol9_x86_64_appstream
	tigervnc-1.14.1-1.el9_5.1.x86_64.rpm	e6629bcaf2918e1826fd5f7b4a844291bd78450ffe50f748108eaa19f3fd2da0	-	ol9_x86_64_appstream
	tigervnc-icons-1.14.1-1.el9_5.1.noarch.rpm	03fc90fb8df27ad6af97876fd8bd34d00a83d82f122c190b787ddbc2b0cac818	-	ol9_x86_64_appstream
	tigervnc-license-1.14.1-1.el9_5.1.noarch.rpm	94215e8d21c4ff44b0b82629b54a08210de3404e5c4bd3dba7847a065f566034	-	ol9_x86_64_appstream
	tigervnc-selinux-1.14.1-1.el9_5.1.noarch.rpm	3006841b283e7db2ebbf19019cda89e3f6df8ea51eafc7327ee708ac04d3b26c	-	ol9_x86_64_appstream
	tigervnc-server-1.14.1-1.el9_5.1.x86_64.rpm	11d4375c2e3f1088bbbb5ddcfb7e6e1b5976ae50567f8ef94787adc20132ffb3	-	ol9_x86_64_appstream
	tigervnc-server-minimal-1.14.1-1.el9_5.1.x86_64.rpm	066664e965538ad3dee86e8246561ff9fdc3a85654f5ef58621432caeef704af	-	ol9_x86_64_appstream
	tigervnc-server-module-1.14.1-1.el9_5.1.x86_64.rpm	2d4d6ae5ae9d67636125b01f1cc0a935ed46b2fe9af14be66eccbcaf91e3c47f	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team