Nixpkgs Security Tracker

Untriaged

Permalink CVE-2025-49180

6.1 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): LOW
Integrity impact (I): NONE
Availability impact (A): HIGH

created 6 months ago

Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x resize, rotate and reflect (randr) extension

A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when computing the total size to allocate.

References

https://access.redhat.com/security/cve/CVE-2025-49180 x_refsource_REDHAT vdb-entry
RHBZ#2369981 issue-tracking x_refsource_REDHAT
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49180 x_refsource_REDHAT vdb-entry
RHBZ#2369981 issue-tracking x_refsource_REDHAT
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49180 x_refsource_REDHAT vdb-entry
RHBZ#2369981 issue-tracking x_refsource_REDHAT
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49180 x_refsource_REDHAT vdb-entry
RHBZ#2369981 issue-tracking x_refsource_REDHAT
RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49180 x_refsource_REDHAT vdb-entry
RHBZ#2369981 issue-tracking x_refsource_REDHAT
RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49180 x_refsource_REDHAT vdb-entry
RHBZ#2369981 issue-tracking x_refsource_REDHAT
RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49180 x_refsource_REDHAT vdb-entry
RHBZ#2369981 issue-tracking x_refsource_REDHAT
RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49180 x_refsource_REDHAT vdb-entry
RHBZ#2369981 issue-tracking x_refsource_REDHAT
RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49180 x_refsource_REDHAT vdb-entry
RHBZ#2369981 issue-tracking x_refsource_REDHAT
RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49180 x_refsource_REDHAT vdb-entry
RHBZ#2369981 issue-tracking x_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49180 x_refsource_REDHAT vdb-entry
RHBZ#2369981 issue-tracking x_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49180 x_refsource_REDHAT vdb-entry
RHBZ#2369981 issue-tracking x_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49180 x_refsource_REDHAT vdb-entry
RHBZ#2369981 issue-tracking x_refsource_REDHAT
https://gitlab.freedesktop.org/xorg/xserver/-/commit/3c3a4b767b16174d3213055947…
https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49180 x_refsource_REDHAT vdb-entry
RHBZ#2369981 issue-tracking x_refsource_REDHAT
https://gitlab.freedesktop.org/xorg/xserver/-/commit/3c3a4b767b16174d3213055947…
https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html

Affected products

tigervnc

xwayland

<24.1.7

xorg-x11-server

xorg-x11-server-Xwayland

Matching in nixpkgs

pkgs.tigervnc

Fork of tightVNC, made in cooperation with VirtualGL

nixos-unstable -
- nixpkgs-unstable 1.15.0

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.tigervnc