Nixpkgs Security Tracker

Untriaged

Permalink CVE-2025-49175

5.5 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 6 months ago

Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: out-of-bounds read in x rendering extension animated cursors

A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash.

References

https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
https://gitlab.freedesktop.org/xorg/xserver/-/commit/0885e0b26225c90534642fe911…
https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2024
https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
https://gitlab.freedesktop.org/xorg/xserver/-/commit/0885e0b26225c90534642fe911…
https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2024
https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2024
https://www.x.org/wiki/Development/Security/
RHSA-2025:10258 x_refsource_REDHAT vendor-advisory
RHSA-2025:10342 x_refsource_REDHAT vendor-advisory
RHSA-2025:10343 x_refsource_REDHAT vendor-advisory
RHSA-2025:10344 x_refsource_REDHAT vendor-advisory
RHSA-2025:10346 x_refsource_REDHAT vendor-advisory
RHSA-2025:10347 x_refsource_REDHAT vendor-advisory
RHSA-2025:10348 x_refsource_REDHAT vendor-advisory
RHSA-2025:10349 x_refsource_REDHAT vendor-advisory
RHSA-2025:10350 x_refsource_REDHAT vendor-advisory
RHSA-2025:10351 x_refsource_REDHAT vendor-advisory
RHSA-2025:10352 x_refsource_REDHAT vendor-advisory
RHSA-2025:10355 x_refsource_REDHAT vendor-advisory
RHSA-2025:10356 x_refsource_REDHAT vendor-advisory
RHSA-2025:10360 x_refsource_REDHAT vendor-advisory
RHSA-2025:10370 x_refsource_REDHAT vendor-advisory
RHSA-2025:10374 x_refsource_REDHAT vendor-advisory
RHSA-2025:10375 x_refsource_REDHAT vendor-advisory
RHSA-2025:10376 x_refsource_REDHAT vendor-advisory
RHSA-2025:10377 x_refsource_REDHAT vendor-advisory
RHSA-2025:10378 x_refsource_REDHAT vendor-advisory
RHSA-2025:10381 x_refsource_REDHAT vendor-advisory
RHSA-2025:10410 x_refsource_REDHAT vendor-advisory
RHSA-2025:9303 x_refsource_REDHAT vendor-advisory
RHSA-2025:9304 x_refsource_REDHAT vendor-advisory
RHSA-2025:9305 x_refsource_REDHAT vendor-advisory
RHSA-2025:9306 x_refsource_REDHAT vendor-advisory
RHSA-2025:9392 x_refsource_REDHAT vendor-advisory
RHSA-2025:9964 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
https://gitlab.freedesktop.org/xorg/xserver/-/commit/0885e0b26225c90534642fe911…
https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html

Affected products

tigervnc

xwayland

<24.1.8

xorg-x11-server

xorg-x11-server-Xwayland

Matching in nixpkgs

pkgs.tigervnc

Fork of tightVNC, made in cooperation with VirtualGL

nixos-unstable -
- nixpkgs-unstable 1.15.0

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.tigervnc