Red Hat Product Errata RHSA-2026:19342 - Security Advisory Issued: 2026-05-19 Updated: 2026-05-19 RHSA-2026:19342 - Security Advisory Overview Updated Packages Synopsis Important: tigervnc security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for tigervnc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Security Fix(es): xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling (CVE-2026-33999) xwayland: xorg: X.Org X server: Information disclosure and denial of service via out-of-bounds read in XKB geometry processing. (CVE-2026-34000) xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption (CVE-2026-34001) xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access (CVE-2026-34003) TigerVNC: x0vncserver: TigerVNC x0vncserver: Information disclosure, data manipulation, and denial of service via incorrect permissions (CVE-2026-34352) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 9 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 x86_64 Red Hat Enterprise Linux for IBM z Systems 9 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 s390x Red Hat Enterprise Linux for Power, little endian 9 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 ppc64le Red Hat Enterprise Linux for ARM 64 9 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8 s390x Fixes BZ - 2451106 - CVE-2026-33999 xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling BZ - 2451107 - CVE-2026-34000 xwayland: xorg: X.Org X server: Information disclosure and denial of service via out-of-bounds read in XKB geometry processing. BZ - 2451109 - CVE-2026-34001 xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption BZ - 2451113 - CVE-2026-34003 xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access BZ - 2452022 - CVE-2026-34352 TigerVNC: x0vncserver: TigerVNC x0vncserver: Information disclosure, data manipulation, and denial of service via incorrect permissions CVEs CVE-2026-33999 CVE-2026-34000 CVE-2026-34001 CVE-2026-34003 CVE-2026-34352 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 9 SRPM tigervnc-1.15.0-7.el9_8.1.src.rpm SHA-256: fe25338e138a38f0938dd2233e2c25a0f3378ba60525b5c1167339900fe7e0b7 x86_64 tigervnc-1.15.0-7.el9_8.1.x86_64.rpm SHA-256: beac731559dd9d2a006e1dd845f01aefdc69d12b5a23169b8b7e3926c4e23c41 tigervnc-debuginfo-1.15.0-7.el9_8.1.x86_64.rpm SHA-256: 69e37317273627f850e130153cd7a394b8dbdfa95406edc47375275364ef67a0 tigervnc-debugsource-1.15.0-7.el9_8.1.x86_64.rpm SHA-256: 362e7f4224ad22d732f485ffca8fe6d245d28fb17934ac4bd7a31e029e0ad017 tigervnc-icons-1.15.0-7.el9_8.1.noarch.rpm SHA-256: d12b5274647036f07fb4d2b1094d0f7749703b991f681e08dcf9a7810cc5c770 tigervnc-license-1.15.0-7.el9_8.1.noarch.rpm SHA-256: 406b2c53377f8d78d7d2a1710580663bc3e095d575b465be8fc49b38546a2228 tigervnc-selinux-1.15.0-7.el9_8.1.noarch.rpm SHA-256: e17211b0832283a80a894ac0f06b05ca317af4437956ef5a43b03ea5a8df0a3d tigervnc-server-1.15.0-7.el9_8.1.x86_64.rpm SHA-256: 7991fced41b1e104db57eea11e3696f0d09c298d101146073a46e19763236d51 tigervnc-server-debuginfo-1.15.0-7.el9_8.1.x86_64.rpm SHA-256: 394aa06a6bef8b4b52e6cca8676cb9b694481335f27ede277a63d9fd135fc41e tigervnc-server-minimal-1.15.0-7.el9_8.1.x86_64.rpm SHA-256: c8a0adef0fa476e9e6b5ea31bbaaf3b0c67ede3b49674ad920b5706ccd2843d8 tigervnc-server-minimal-debuginfo-1.15.0-7.el9_8.1.x86_64.rpm SHA-256: c3c4e7c33b7bb9aa2edfeeacc6b51b8e9860fafb81c6b94251377057cdb5d29c tigervnc-server-module-1.15.0-7.el9_8.1.x86_64.rpm SHA-256: c0bd4c74dab905c8d3974a84d3b4e413cf0e8d62c556f52e910e05bdb3477a50 tigervnc-server-module-debuginfo-1.15.0-7.el9_8.1.x86_64.rpm SHA-256: bade62431de82d2673c0c06ac8202ede68f9c21161836631a8ca640b06e3bc10 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 SRPM tigervnc-1.15.0-7.el9_8.1.src.rpm SHA-256: fe25338e138a38f0938dd2233e2c25a0f3378ba60525b5c1167339900fe7e0b7 x86_64 tigervnc-1.15.0-7.el9_8.1.x86_64.rpm SHA-256: beac731559dd9d2a006e1dd845f01aefdc69d12b5a23169b8b7e3926c4e23c41 tigervnc-debuginfo-1.15.0-7.el9_8.1.x86_64.rpm SHA-256: 69e37317273627f850e130153cd7a394b8dbdfa95406edc47375275364ef67a0 tigervnc-debugsource-1.15.0-7.el9_8.1.x86_64.rpm SHA-256: 362e7f4224ad22d732f485ffca8fe6d245d28fb17934ac4bd7a31e029e0ad017 tigervnc-icons-1.15.0-7.el9_8.1.noarch.rpm SHA-256: d12b5274647036f07fb4d2b1094d0f7749703b991f681e08dcf9a7810cc5c770 tigervnc-license-1.15.0-7.el9_8.1.noarch.rpm SHA-256: 406b2c53377f8d78d7d2a1710580663bc3e095d575b465be8fc49b38546a2228 tigervnc-selinux-1.15.0-7.el9_8.1.noarch.rpm SHA-256: e17211b0832283a80a894ac0f06b05ca317af4437956ef5a43b03ea5a8df0a3d tigervnc-server-1.15.0-7.el9_8.1.x86_64.rpm SHA-256: 7991fced41b1e104db57eea11e3696f0d09c298d101146073a46e19763236d51 tigervnc-server-debuginfo-1.15.0-7.el9_8.1.x86_64.rpm SHA-256: 394aa06a6bef8b4b52e6cca8676cb9b694481335f27ede277a63d9fd135fc41e tigervnc-server-minimal-1.15.0-7.el9_8.1.x86_64.rpm SHA-256: c8a0adef0fa476e9e6b5ea31bbaaf3b0c67ede3b49674ad920b5706ccd2843d8 tigervnc-server-minimal-debuginfo-1.15.0-7.el9_8.1.x86_64.rpm SHA-256: c3c4e7c33b7bb9aa2edfeeacc6b51b8e9860fafb81c6b94251377057cdb5d29c tigervnc-server-module-1.15.0-7.el9_8.1.x86_64.rpm SHA-256: c0bd4c74dab905c8d3974a84d3b4e413cf0e8d62c556f52e910e05bdb3477a50 tigervnc-server-module-debuginfo-1.15.0-7.el9_8.1.x86_64.rpm SHA-256: bade62431de82d2673c0c06ac8202ede68f9c21161836631a8ca640b06e3bc10 Red Hat Enterprise Linux for IBM z Systems 9 SRPM tigervnc-1.15.0-7.el9_8.1.src.rpm SHA-256: fe25338e138a38f0938dd2233e2c25a0f3378ba60525b5c1167339900fe7e0b7 s390x tigervnc-1.15.0-7.el9_8.1.s390x.rpm SHA-256: 3709876ae06bfefa83a51683e58f786fc329e4a86111f6bcd8315a8fabdd88ed tigervnc-debuginfo-1.15.0-7.el9_8.1.s390x.rpm SHA-256: b9bc2ba13b8524b34ac1ffe693c47cc637bd3ac04f8c69509e602dec6ec2d086 tigervnc-debugsource-1.15.0-7.el9_8.1.s390x.rpm SHA-256: 47ca562ef6dbbd3cccbcd57b3fe977c608124e7a494279daac802ffabeab0cee tigervnc-icons-1.15.0-7.el9_8.1.noarch.rpm SHA-256: d12b5274647036f07fb4d2b1094d0f7749703b991f681e08dcf9a7810cc5c770 tigervnc-license-1.15.0-7.el9_8.1.noarch.rpm SHA-256: 406b2c53377f8d78d7d2a1710580663bc3e095d575b465be8fc49b38546a2228 tigervnc-selinux-1.15.0-7.el9_8.1.noarch.rpm SHA-256: e17211b0832283a80a894ac0f06b05ca317af4437956ef5a43b03ea5a8df0a3d tigervnc-server-1.15.0-7.el9_8.1.s390x.rpm SHA-256: 3f3cc6e8c17eddb2abc63e70076d16644a2fcdf855bbc5d8cee4cc4420f21f29 tigervnc-server-debuginfo-1.15.0-7.el9_8.1.s390x.rpm SHA-256: 9e819d5c648dacd2f664921d6385987524ba0b5db7e6f603aea8e4d2fdcb893e tigervnc-server-minimal-1.15.0-7.el9_8.1.s390x.rpm SHA-256: 6a6bf7dff4d1bb17045b4a45273d024053c629501e70bf1839df8144be354346 tigervnc-server-minimal-debuginfo-1.15.0-7.el9_8.1.s390x.rpm SHA-256: 58b0d443ae876fb3f30bfcff4363e0911e13bb4f9c870f0e793830a26922491f tigervnc-server-module-1.15.0-7.el9_8.1.s390x.rpm SHA-256: 06d0c4238cf29dca59415371bed096cf5210d254eedd0b51d9c052c2cf16df99 tigervnc-server-module-debuginfo-1.15.0-7.el9_8.1.s390x.rpm SHA-256: ee45ac43a08aaed1cccfcfd6a1036d93ceee3842b505c32efb6ffd8845fe3235 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 SRPM tigervnc-1.15.0-7.el9_8.1.src.rpm SHA-256: fe25338e138a38f0938dd2233e2c25a0f3378ba60525b5c1167339900fe7e0b7 s390x tigervnc-1.15.0-7.el9_8.1.s390x.rpm SHA-256: 3709876ae06bfefa83a51683e58f786fc329e4a86111f6bcd8315a8fabdd88ed tigervnc-debuginfo-1.15.0-7.el9_8.1.s390x.rpm SHA-256: b9bc2ba13b8524b34ac1ffe693c47cc637bd3ac04f8c69509e602dec6ec2d086 tigervnc-debugsource-1.15.0-7.el9_8.1.s390x.rpm SHA-256: 47ca562ef6dbbd3cccbcd57b3fe977c608124e7a494279daac802ffabeab0cee tigervnc-icons-1.15.0-7.el9_8.1.noarch.rpm SHA-256: d12b5274647036f07fb4d2b1094d0f7749703b991f681e08dcf9a7810cc5c770 tigervnc-license-1.15.0-7.el9_8.1.noarch.rpm SHA-256: 406b2c53377f8d78d7d2a1710580663bc3e095d575b465be8fc49b38546a2228 tigervnc-selinux-1.15.0-7.el9_8.1.noarch.rpm SHA-256: e17211b0832283a