tigervnc-1.15.0-9.el8_10.ML.1

エラータID: AXSA:2026-592:02

Release date: 
Monday, May 11, 2026 - 18:53
Subject: 
tigervnc-1.15.0-9.el8_10.ML.1
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.

Security Fix(es):

* xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling (CVE-2026-33999)
* xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption (CVE-2026-34001)
* xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access (CVE-2026-34003)
* TigerVNC: x0vncserver: TigerVNC x0vncserver: Information disclosure, data manipulation, and denial of service via incorrect permissions (CVE-2026-34352)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2026-33999
A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of service (DoS) or other severe impacts.
CVE-2026-34001
A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence() function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server crash and potentially enabling memory corruption. This could result in a denial of service or further compromise of the system.
CVE-2026-34003
A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could send a specially crafted request to the X server, leading to an out-of-bounds memory access vulnerability. This could result in the disclosure of sensitive information or cause the server to crash, leading to a Denial of Service (DoS). In certain configurations, higher impact outcomes may be possible.
CVE-2026-34352
In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions.

Solution: 

Update packages.

CVEs: 
CVE-2026-33999
A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of service (DoS) or other severe impacts.
CVE-2026-34001
A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence() function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server crash and potentially enabling memory corruption. This could result in a denial of service or further compromise of the system.
CVE-2026-34003
A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could send a specially crafted request to the X server, leading to an out-of-bounds memory access vulnerability. This could result in the disclosure of sensitive information or cause the server to crash, leading to a Denial of Service (DoS). In certain configurations, higher impact outcomes may be possible.
CVE-2026-34352
In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions.
Additional Info: 

N/A

Download: 

SRPMS
  1. tigervnc-1.15.0-9.el8_10.ML.1.src.rpm
    MD5: fae127306750b3d83e37a67f76b3da90
    SHA-256: 40fd559c56be153ca99f0848ad8e05435b5ed36ae7db784e3c2dc04fda2f1b81
    Size: 2.11 MB

Asianux Server 8 for x86_64
  1. tigervnc-1.15.0-9.el8_10.ML.1.x86_64.rpm
    MD5: e2b9f6334b0ed809b4d7d3420f59a7fb
    SHA-256: 3233dea08c6800b18475943e48a41aff7be43e29bf271c731108aa6362f3b1b2
    Size: 407.98 kB
  2. tigervnc-icons-1.15.0-9.el8_10.ML.1.noarch.rpm
    MD5: ab623b96d46850e9f1c6ac7fb3fa982f
    SHA-256: ef55728dd1b37ae087bde4c9ff953247943750f682d0b8b31ae1a684b3f4b3e2
    Size: 64.71 kB
  3. tigervnc-license-1.15.0-9.el8_10.ML.1.noarch.rpm
    MD5: 957397ec8e2774621c3a145fd8c6e71d
    SHA-256: 6a950347544681e37ccf93d95917a8bf7df4a0c5d8f9aab1cfa51a3c953f598b
    Size: 45.09 kB
  4. tigervnc-selinux-1.15.0-9.el8_10.ML.1.noarch.rpm
    MD5: 46bce9192aae2eaa9a151996c39dd471
    SHA-256: 2442010364f09fcf149cd77bc5624cc151de7717aced09c6ed0ff4db863fa3e4
    Size: 54.32 kB
  5. tigervnc-server-1.15.0-9.el8_10.ML.1.x86_64.rpm
    MD5: 715b384c1d2732acce1e321d554171c5
    SHA-256: d10e34d2f61dc3a6cd6d52d2031aa005a1a8f165c915c54ac717561074288153
    Size: 316.18 kB
  6. tigervnc-server-minimal-1.15.0-9.el8_10.ML.1.x86_64.rpm
    MD5: 872a2ce91de8fcbf95a9f803f01f983e
    SHA-256: ff5ea43b93d699fc9998c1926fa5583db66643d1ea76f9a5f106e254fc880451
    Size: 1.18 MB
  7. tigervnc-server-module-1.15.0-9.el8_10.ML.1.x86_64.rpm
    MD5: bbdb7784f2eee6d8dedb679f5e3e70ed
    SHA-256: bdecf1f77d41f770afd58293c4e22260022d3869d3924eff48393c171d87c624
    Size: 311.34 kB