Untriaged
Permalink
CVE-2025-49176
6.6 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): LOCAL
- Attack complexity (AC): LOW
- Privileges required (PR): LOW
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): LOW
- Integrity impact (I): LOW
- Availability impact (A): HIGH
Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in big requests extension
A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check.
References
- https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
- RHBZ#2369954 issue-tracking x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
- RHBZ#2369954 issue-tracking x_refsource_REDHAT
- http://www.openwall.com/lists/oss-security/2025/06/18/2
- RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
- RHBZ#2369954 issue-tracking x_refsource_REDHAT
- RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
- http://www.openwall.com/lists/oss-security/2025/06/18/2
- RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
- RHBZ#2369954 issue-tracking x_refsource_REDHAT
- http://www.openwall.com/lists/oss-security/2025/06/18/2
- RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
- RHBZ#2369954 issue-tracking x_refsource_REDHAT
- http://www.openwall.com/lists/oss-security/2025/06/18/2
- RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
- RHBZ#2369954 issue-tracking x_refsource_REDHAT
- http://www.openwall.com/lists/oss-security/2025/06/18/2
- RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
- RHBZ#2369954 issue-tracking x_refsource_REDHAT
- RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
- http://www.openwall.com/lists/oss-security/2025/06/18/2
- RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
- RHBZ#2369954 issue-tracking x_refsource_REDHAT
- http://www.openwall.com/lists/oss-security/2025/06/18/2
- RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
- RHBZ#2369954 issue-tracking x_refsource_REDHAT
- http://www.openwall.com/lists/oss-security/2025/06/18/2
- RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
- RHBZ#2369954 issue-tracking x_refsource_REDHAT
- http://www.openwall.com/lists/oss-security/2025/06/18/2
- RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
- RHBZ#2369954 issue-tracking x_refsource_REDHAT
- http://www.openwall.com/lists/oss-security/2025/06/18/2
- https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
- RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
- RHBZ#2369954 issue-tracking x_refsource_REDHAT
- http://www.openwall.com/lists/oss-security/2025/06/18/2
- https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
- RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
- RHBZ#2369954 issue-tracking x_refsource_REDHAT
- http://www.openwall.com/lists/oss-security/2025/06/18/2
- https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
- RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
- RHBZ#2369954 issue-tracking x_refsource_REDHAT
- https://gitlab.freedesktop.org/xorg/xserver/-/commit/03731b326a80b582e48d939fe6…
- https://gitlab.freedesktop.org/xorg/xserver/-/commit/4fc4d76b2c7aaed61ed2653f99…
- http://www.openwall.com/lists/oss-security/2025/06/18/2
- https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
- RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
- RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
- RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
- RHBZ#2369954 issue-tracking x_refsource_REDHAT
- https://gitlab.freedesktop.org/xorg/xserver/-/commit/03731b326a80b582e48d939fe6…
- https://gitlab.freedesktop.org/xorg/xserver/-/commit/4fc4d76b2c7aaed61ed2653f99…
- https://www.x.org/wiki/Development/Security/
- http://www.openwall.com/lists/oss-security/2025/06/18/2
- https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
Affected products
tigervnc
- *
xwayland
- <24.1.7
xorg-x11-server
- *
xorg-x11-server-Xwayland
- *