Red Hat Product Errata RHSA-2026:21741 - Security Advisory Issued: 2026-05-28 Updated: 2026-05-28 RHSA-2026:21741 - Security Advisory Overview Updated Packages Synopsis Important: tigervnc security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for tigervnc is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Security Fix(es): xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling (CVE-2026-33999) xwayland: xorg: X.Org X server: Information disclosure and denial of service via out-of-bounds read in XKB geometry processing. (CVE-2026-34000) xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption (CVE-2026-34001) xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling (CVE-2026-34002) xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access (CVE-2026-34003) TigerVNC: x0vncserver: TigerVNC x0vncserver: Information disclosure, data manipulation, and denial of service via incorrect permissions (CVE-2026-34352) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 s390x Fixes BZ - 2451106 - CVE-2026-33999 xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling BZ - 2451107 - CVE-2026-34000 xwayland: xorg: X.Org X server: Information disclosure and denial of service via out-of-bounds read in XKB geometry processing. BZ - 2451109 - CVE-2026-34001 xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption BZ - 2451112 - CVE-2026-34002 xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling BZ - 2451113 - CVE-2026-34003 xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access BZ - 2452022 - CVE-2026-34352 TigerVNC: x0vncserver: TigerVNC x0vncserver: Information disclosure, data manipulation, and denial of service via incorrect permissions CVEs CVE-2026-33999 CVE-2026-34000 CVE-2026-34001 CVE-2026-34002 CVE-2026-34003 CVE-2026-34352 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 SRPM tigervnc-1.11.0-22.el9_0.17.src.rpm SHA-256: bc2a94f449e4ce314b82ace383677bcfdcdb90fd03289b79cbc21a40ea45d178 ppc64le tigervnc-1.11.0-22.el9_0.17.ppc64le.rpm SHA-256: 4a1858db77b64a7b8e7f6f6a8ca3e7c3a6f6b7fe967d74f7e0316047021e4e51 tigervnc-debuginfo-1.11.0-22.el9_0.17.ppc64le.rpm SHA-256: 63698259d9d615daf5a564a5b85b1e27ff4f44556852d6fb2537106c8836c874 tigervnc-debugsource-1.11.0-22.el9_0.17.ppc64le.rpm SHA-256: 7f2bab086213003d0e57a9fa462f8e4406cd6960688dc9c38a89213bfa887efa tigervnc-icons-1.11.0-22.el9_0.17.noarch.rpm SHA-256: 20e876195f2067a954a7a3de56c41c9d9ee3fdfb56e8d9f77d232d2355c7ba91 tigervnc-license-1.11.0-22.el9_0.17.noarch.rpm SHA-256: 462fb9cb5c6202cf9a36102e0b51989e29b8e06d2d89088756504d05e2b311d5 tigervnc-selinux-1.11.0-22.el9_0.17.noarch.rpm SHA-256: d1ec118cd8c311d939d82f88284115bc52b80fe573b3d98eb7720a5409e6434e tigervnc-server-1.11.0-22.el9_0.17.ppc64le.rpm SHA-256: 62710b7892b4f1f18f4e9f0b3de07cf742af77791625af7266027995d25ae434 tigervnc-server-debuginfo-1.11.0-22.el9_0.17.ppc64le.rpm SHA-256: faebcf2a06bfe12ca7e51a432167966877719d9829dcb6dce82b0fa8ad89d595 tigervnc-server-minimal-1.11.0-22.el9_0.17.ppc64le.rpm SHA-256: 544b70d9ee49043ec8cb7b8ef2f9027c9e7d7fbf3ceec63c3a78f59d7f6982c0 tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.17.ppc64le.rpm SHA-256: 9bf4415130db01dace248793789d864e957502de45ede0a019e12b04363fb9b0 tigervnc-server-module-1.11.0-22.el9_0.17.ppc64le.rpm SHA-256: 700b16649ecb4e4fb099de48584f0800d905f1356d00f963bee5a05cca70ec0a tigervnc-server-module-debuginfo-1.11.0-22.el9_0.17.ppc64le.rpm SHA-256: 92a9783d0d0260a6aecb2711e00f663923b6d36d3f482d884eac381a08836b72 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 SRPM tigervnc-1.11.0-22.el9_0.17.src.rpm SHA-256: bc2a94f449e4ce314b82ace383677bcfdcdb90fd03289b79cbc21a40ea45d178 x86_64 tigervnc-1.11.0-22.el9_0.17.x86_64.rpm SHA-256: dbf94557a71fed9f4936800a2e7f1fd1522054896ae7f99a4bb720f4e99edbbf tigervnc-debuginfo-1.11.0-22.el9_0.17.x86_64.rpm SHA-256: 249bfd30f9c5137a1a314610a92fe5aa34b80f2e5682193a5a87cb1e19b2d6be tigervnc-debugsource-1.11.0-22.el9_0.17.x86_64.rpm SHA-256: 909de34cce1bbee71e8521378025ac1ca8c1c86afc4c4158ffeeca431453a8fc tigervnc-icons-1.11.0-22.el9_0.17.noarch.rpm SHA-256: 20e876195f2067a954a7a3de56c41c9d9ee3fdfb56e8d9f77d232d2355c7ba91 tigervnc-license-1.11.0-22.el9_0.17.noarch.rpm SHA-256: 462fb9cb5c6202cf9a36102e0b51989e29b8e06d2d89088756504d05e2b311d5 tigervnc-selinux-1.11.0-22.el9_0.17.noarch.rpm SHA-256: d1ec118cd8c311d939d82f88284115bc52b80fe573b3d98eb7720a5409e6434e tigervnc-server-1.11.0-22.el9_0.17.x86_64.rpm SHA-256: b8fc8d891bc226c45c4ad8e2a24aa092c74627c020c8eacd25491993cf8804f4 tigervnc-server-debuginfo-1.11.0-22.el9_0.17.x86_64.rpm SHA-256: dfefe07b3900688965bb2f6d23b76f1e1bf6f16ed49f2aeb286f586750ffcd81 tigervnc-server-minimal-1.11.0-22.el9_0.17.x86_64.rpm SHA-256: b7f008cbbbfec322364196b716f8dd9f490084c1c21e0169cc49ea095a9b6374 tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.17.x86_64.rpm SHA-256: b5d8dca749888263fd24ae61bbd3994d1aa3b27767b17e988195c8bf65375e91 tigervnc-server-module-1.11.0-22.el9_0.17.x86_64.rpm SHA-256: b164e4843a69135dad9d9cb41acd727cc9f10bf449ed82e3567bb73573af4eea tigervnc-server-module-debuginfo-1.11.0-22.el9_0.17.x86_64.rpm SHA-256: 330721ce149c473c177033aa090951964482611ab78cdfb5e2ba5b5b75411586 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 SRPM tigervnc-1.11.0-22.el9_0.17.src.rpm SHA-256: bc2a94f449e4ce314b82ace383677bcfdcdb90fd03289b79cbc21a40ea45d178 aarch64 tigervnc-1.11.0-22.el9_0.17.aarch64.rpm SHA-256: 0faca1e08b4828ec3c9acbe1987395fa86595ce72b05378e7a1ca6a951723946 tigervnc-debuginfo-1.11.0-22.el9_0.17.aarch64.rpm SHA-256: c1e237743877c687b98a936b45a58e9a4898745cdf29959df4807f573ae3967f tigervnc-debugsource-1.11.0-22.el9_0.17.aarch64.rpm SHA-256: b974caa87f65851e491584251b149a211fd80171c8a0db40b635a35e477863aa tigervnc-icons-1.11.0-22.el9_0.17.noarch.rpm SHA-256: 20e876195f2067a954a7a3de56c41c9d9ee3fdfb56e8d9f77d232d2355c7ba91 tigervnc-license-1.11.0-22.el9_0.17.noarch.rpm SHA-256: 462fb9cb5c6202cf9a36102e0b51989e29b8e06d2d89088756504d05e2b311d5 tigervnc-selinux-1.11.0-22.el9_0.17.noarch.rpm SHA-256: d1ec118cd8c311d939d82f88284115bc52b80fe573b3d98eb7720a5409e6434e tigervnc-server-1.11.0-22.el9_0.17.aarch64.rpm SHA-256: 024719176a79723756e9a25bc02b33be23d06489d6b5a1fc00ee1f31b8bfdfcf tigervnc-server-debuginfo-1.11.0-22.el9_0.17.aarch64.rpm SHA-256: 207181cc82331f2691f1c6827ad3098fc8e7185fa2ce05d23350d18322bfd521 tigervnc-server-minimal-1.11.0-22.el9_0.17.aarch64.rpm SHA-256: 0c01dde401403f1089506bd54d1d36b27bee168f6043768d338f7fcae82a4aeb tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.17.aarch64.rpm SHA-256: 4de01e33ee192df983fac1a0a2e489e67f0a976d3eef42c0bfae9ade5ff28ae4 tigervnc-server-module-1.11.0-22.el9_0.17.aarch64.rpm SHA-256: 62d65ce71d2fb915639b59565a68431cab21183771022492f24550d3523323f1 tigervnc-server-module-debuginfo-1.11.0-22.el9_0.17.aarch64.rpm SHA-256: b3fddf0c67ee7a0614ec35ebbd47f60073fcf39f13c9c1522d4b954f19a21d63 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 SRPM tigervnc-1.11.0-22.el9_0.17.src.rpm SHA-256: bc2a94f449e4ce314b82ace383677bcfdcdb90fd03289b79cbc21a40ea45d178 s390x tigervnc-1.11.0-22.el9_0.17.s390x.rpm SHA-256: 7b592e367d333ebdf6ad587d14f9dbe2ae137b4ce98310652190b887cde2d2ac tigervnc-debuginfo-1.11.0-22.el9_0.17.s390x.rpm SHA-256: cc4d58dbc70bd707ce5a5e7d7f91c19d9e8c42e83f072f12363742c25bfa95bf tigervnc-debugsource-1.11.0-22.el9_0.17.s390x.rpm SHA-256: ed8e6df3c87e32b0dbec9d4dc7d6324cfd518c1fd956273248ff0455067e4bb2 tigervnc-icons-1.11.0-22.el9_0.17.noarch.rpm SHA-256: 20e876195f2067a954a7a3de56c41c9d9ee3fdfb56e8d9f77d232d2355c7ba91 tigervnc-license-1.11.0-22.el9_0.17.noarch.rpm SHA-256: 462fb9cb5c6202cf9a36102e0b51989e29b8e06d2d89088756504d05e2b311d5 tigervnc-selinux-1.11.0-22.el9_0.17.noarch.rpm SHA-256: d1ec118cd8c311d939d82f88284115bc52b80fe573b3d98eb7720a5409e6434e tigervnc-server-1.11.0-22.el9_0.17.s390x.rpm SHA-256: 6ec7e58310869ac3805f695a9b1b03cf3dded881bf36e7a91e173e42fb2a91be tigervnc-server-debuginfo-1.11.0-22.el9_0.17.s390x.rpm SHA-256: 21e4f1e85b3b270360ee1d74df6b962bff69e