An Important security update for TigerVNC addresses multiple vulnerabilities in its X.Org X server component, including denial-of-service via integer underflow (CVE-2026-33999, CVSS 7.8 HIGH), use-after-free leading to crashes (CVE-2026-34001, CVSS 7.8 HIGH), and several out-of-bounds read issues causing information disclosure. The vulnerabilities affect Red Hat Enterprise Linux 8.4 Advanced Mission Critical and Extended Update Support Long-Life Add-On deployments. Red Hat has released patched packages; administrators should apply the update via the referenced Red Hat article.
Red Hat Product Errata RHSA-2026:23254 - Security Advisory Issued: 2026-06-04 Updated: 2026-06-04 RHSA-2026:23254 - Security Advisory Overview Updated Packages Synopsis Important: tigervnc security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for tigervnc is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Security Fix(es): xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling (CVE-2026-33999) xwayland: xorg: X.Org X server: Information disclosure and denial of service via out-of-bounds read in XKB geometry processing. (CVE-2026-34000) xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption (CVE-2026-34001) xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling (CVE-2026-34002) xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access (CVE-2026-34003) TigerVNC: x0vncserver: TigerVNC x0vncserver: Information disclosure, data manipulation, and denial of service via incorrect permissions (CVE-2026-34352) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4 x86_64 Red Hat Enterprise Linux Server - AUS 8.4 x86_64 Fixes BZ - 2451106 - CVE-2026-33999 xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling BZ - 2451107 - CVE-2026-34000 xwayland: xorg: X.Org X server: Information disclosure and denial of service via out-of-bounds read in XKB geometry processing. BZ - 2451109 - CVE-2026-34001 xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption BZ - 2451112 - CVE-2026-34002 xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling BZ - 2451113 - CVE-2026-34003 xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access BZ - 2452022 - CVE-2026-34352 TigerVNC: x0vncserver: TigerVNC x0vncserver: Information disclosure, data manipulation, and denial of service via incorrect permissions CVEs CVE-2026-33999 CVE-2026-34000 CVE-2026-34001 CVE-2026-34002 CVE-2026-34003 CVE-2026-34352 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4 SRPM tigervnc-1.11.0-8.el8_4.15.src.rpm SHA-256: 862c052b38c2a6565bbce7a0eced6ab319a8f21c9c85851358eb4792b13f1f2a x86_64 tigervnc-1.11.0-8.el8_4.15.x86_64.rpm SHA-256: c7acac1781a88982dcadf362089f678ae48935f47060c295526a76864d9cdcec tigervnc-debuginfo-1.11.0-8.el8_4.15.x86_64.rpm SHA-256: 601f3bb4be88645cc906543ea57acc7fbe0b017c35f20804fd644f0a5a254be5 tigervnc-debugsource-1.11.0-8.el8_4.15.x86_64.rpm SHA-256: f18dfc7facdbdcc6065e7e9148c5556bd2195e491fe85cf2a67bce12a014cb3e tigervnc-icons-1.11.0-8.el8_4.15.noarch.rpm SHA-256: 5ce5c18fad49f5a266e2d2de2b9ff2ab9cd9d81ac3a130fbd9eb27f149fc24d9 tigervnc-license-1.11.0-8.el8_4.15.noarch.rpm SHA-256: cfbfe11a08cc53a8af84d889321639ca5ecf8f9e84e8971bd91b502964d50667 tigervnc-selinux-1.11.0-8.el8_4.15.noarch.rpm SHA-256: 5fa751b7ea3292c1436643e10bd04d91f99cadccd3b7a35271d54c54c2d60fff tigervnc-server-1.11.0-8.el8_4.15.x86_64.rpm SHA-256: 03452dee40305e509673dce4076bcc2914a20699514caa1a910e22b98ca5bb4a tigervnc-server-debuginfo-1.11.0-8.el8_4.15.x86_64.rpm SHA-256: e5234c1fda2e3c2154171de16ee18f7cf2f34b61ec64ab701999ad961cf17167 tigervnc-server-minimal-1.11.0-8.el8_4.15.x86_64.rpm SHA-256: cd3edf6bee9f376a8cc674adc98002077eba1b6fc2ca5f5ac2601023f7212633 tigervnc-server-minimal-debuginfo-1.11.0-8.el8_4.15.x86_64.rpm SHA-256: 307b0acce8aa58e6e0e16b1e9d61757a17a89dc0c1c99bc5b23de376601db77e tigervnc-server-module-1.11.0-8.el8_4.15.x86_64.rpm SHA-256: e5ba322cfba16455e87985589c7d71a8a11f75686c99d780948b56d6d68f5426 tigervnc-server-module-debuginfo-1.11.0-8.el8_4.15.x86_64.rpm SHA-256: 86e3415f15dea136d2cfbbdd9ebe9dd319b1ea9d70dff7670b23f7baef2c4b71 Red Hat Enterprise Linux Server - AUS 8.4 SRPM tigervnc-1.11.0-8.el8_4.15.src.rpm SHA-256: 862c052b38c2a6565bbce7a0eced6ab319a8f21c9c85851358eb4792b13f1f2a x86_64 tigervnc-1.11.0-8.el8_4.15.x86_64.rpm SHA-256: c7acac1781a88982dcadf362089f678ae48935f47060c295526a76864d9cdcec tigervnc-debuginfo-1.11.0-8.el8_4.15.x86_64.rpm SHA-256: 601f3bb4be88645cc906543ea57acc7fbe0b017c35f20804fd644f0a5a254be5 tigervnc-debugsource-1.11.0-8.el8_4.15.x86_64.rpm SHA-256: f18dfc7facdbdcc6065e7e9148c5556bd2195e491fe85cf2a67bce12a014cb3e tigervnc-icons-1.11.0-8.el8_4.15.noarch.rpm SHA-256: 5ce5c18fad49f5a266e2d2de2b9ff2ab9cd9d81ac3a130fbd9eb27f149fc24d9 tigervnc-license-1.11.0-8.el8_4.15.noarch.rpm SHA-256: cfbfe11a08cc53a8af84d889321639ca5ecf8f9e84e8971bd91b502964d50667 tigervnc-selinux-1.11.0-8.el8_4.15.noarch.rpm SHA-256: 5fa751b7ea3292c1436643e10bd04d91f99cadccd3b7a35271d54c54c2d60fff tigervnc-server-1.11.0-8.el8_4.15.x86_64.rpm SHA-256: 03452dee40305e509673dce4076bcc2914a20699514caa1a910e22b98ca5bb4a tigervnc-server-debuginfo-1.11.0-8.el8_4.15.x86_64.rpm SHA-256: e5234c1fda2e3c2154171de16ee18f7cf2f34b61ec64ab701999ad961cf17167 tigervnc-server-minimal-1.11.0-8.el8_4.15.x86_64.rpm SHA-256: cd3edf6bee9f376a8cc674adc98002077eba1b6fc2ca5f5ac2601023f7212633 tigervnc-server-minimal-debuginfo-1.11.0-8.el8_4.15.x86_64.rpm SHA-256: 307b0acce8aa58e6e0e16b1e9d61757a17a89dc0c1c99bc5b23de376601db77e tigervnc-server-module-1.11.0-8.el8_4.15.x86_64.rpm SHA-256: e5ba322cfba16455e87985589c7d71a8a11f75686c99d780948b56d6d68f5426 tigervnc-server-module-debuginfo-1.11.0-8.el8_4.15.x86_64.rpm SHA-256: 86e3415f15dea136d2cfbbdd9ebe9dd319b1ea9d70dff7670b23f7baef2c4b71 The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .