Dismissed
Permalink
CVE-2025-62229
7.3 HIGH
- CVSS version: 3.1
- Attack vector (AV): LOCAL
- Attack complexity (AC): LOW
- Privileges required (PR): LOW
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): LOW
- Integrity impact (I): HIGH
- Availability impact (A): HIGH
by @leona-ya Activity log
- Created automatic suggestion
- @leona-ya removed package tigervnc
- @leona-ya accepted
- @leona-ya dismissed
Xorg: xmayland: use-after-free in xpresentnotify structure creation
A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service.
References
- https://access.redhat.com/security/cve/CVE-2025-62229 x_refsource_REDHAT vdb-entry
- RHBZ#2402649 issue-tracking x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2025-62229 x_refsource_REDHAT vdb-entry
- RHBZ#2402649 issue-tracking x_refsource_REDHAT
- RHSA-2025:19432 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19433 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19434 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19435 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19489 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-62229 x_refsource_REDHAT vdb-entry
- RHBZ#2402649 issue-tracking x_refsource_REDHAT
- https://lists.debian.org/debian-lts-announce/2025/10/msg00033.html
- RHSA-2025:19435 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19489 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19623 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-62229 x_refsource_REDHAT vdb-entry
- RHBZ#2402649 issue-tracking x_refsource_REDHAT
- RHSA-2025:19432 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19433 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19434 x_refsource_REDHAT vendor-advisory
- https://lists.debian.org/debian-lts-announce/2025/10/msg00033.html
- http://www.openwall.com/lists/oss-security/2025/10/28/7
- RHSA-2025:19432 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19433 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19434 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19435 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19489 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19623 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19909 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-62229 x_refsource_REDHAT vdb-entry
- RHBZ#2402649 issue-tracking x_refsource_REDHAT
- https://lists.debian.org/debian-lts-announce/2025/10/msg00033.html
- http://www.openwall.com/lists/oss-security/2025/10/28/7
- RHSA-2025:19432 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19433 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19434 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19435 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19489 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19623 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19909 x_refsource_REDHAT vendor-advisory
- RHSA-2025:20958 x_refsource_REDHAT vendor-advisory
- RHSA-2025:20960 x_refsource_REDHAT vendor-advisory
- RHSA-2025:20961 x_refsource_REDHAT vendor-advisory
- RHSA-2025:21035 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-62229 x_refsource_REDHAT vdb-entry
- RHBZ#2402649 issue-tracking x_refsource_REDHAT
- https://lists.debian.org/debian-lts-announce/2025/10/msg00033.html
- http://www.openwall.com/lists/oss-security/2025/10/28/7
- RHSA-2025:19432 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19433 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19434 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19435 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19489 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19623 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19909 x_refsource_REDHAT vendor-advisory
- RHSA-2025:20958 x_refsource_REDHAT vendor-advisory
- RHSA-2025:20960 x_refsource_REDHAT vendor-advisory
- RHSA-2025:20961 x_refsource_REDHAT vendor-advisory
- RHSA-2025:21035 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22040 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22041 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22051 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22055 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22056 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22077 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22096 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-62229 x_refsource_REDHAT vdb-entry
- RHBZ#2402649 issue-tracking x_refsource_REDHAT
- https://lists.debian.org/debian-lts-announce/2025/10/msg00033.html
- http://www.openwall.com/lists/oss-security/2025/10/28/7
- RHSA-2025:19432 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19433 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19434 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19435 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19489 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19623 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19909 x_refsource_REDHAT vendor-advisory
- RHSA-2025:20958 x_refsource_REDHAT vendor-advisory
- RHSA-2025:20960 x_refsource_REDHAT vendor-advisory
- RHSA-2025:20961 x_refsource_REDHAT vendor-advisory
- RHSA-2025:21035 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22040 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22041 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22051 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22055 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22056 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22077 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22096 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22164 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22167 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-62229 x_refsource_REDHAT vdb-entry
- RHBZ#2402649 issue-tracking x_refsource_REDHAT
- https://lists.debian.org/debian-lts-announce/2025/10/msg00033.html
- http://www.openwall.com/lists/oss-security/2025/10/28/7
- RHSA-2025:19623 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19909 x_refsource_REDHAT vendor-advisory
- RHSA-2025:20958 x_refsource_REDHAT vendor-advisory
- RHSA-2025:20960 x_refsource_REDHAT vendor-advisory
- RHSA-2025:20961 x_refsource_REDHAT vendor-advisory
- RHSA-2025:21035 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22040 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22041 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22051 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22055 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22056 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22077 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22096 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22164 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22167 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22364 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22365 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22426 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22427 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-62229 x_refsource_REDHAT vdb-entry
- RHBZ#2402649 issue-tracking x_refsource_REDHAT
- RHSA-2025:19432 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19433 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19434 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19435 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19489 x_refsource_REDHAT vendor-advisory
- https://lists.debian.org/debian-lts-announce/2025/10/msg00033.html
- http://www.openwall.com/lists/oss-security/2025/10/28/7
- RHSA-2025:22051 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22055 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22056 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22077 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22096 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22164 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22167 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22364 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22365 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22426 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22427 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22667 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-62229 x_refsource_REDHAT vdb-entry
- RHBZ#2402649 issue-tracking x_refsource_REDHAT
- RHSA-2025:19432 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19433 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19434 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19435 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19489 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19623 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19909 x_refsource_REDHAT vendor-advisory
- RHSA-2025:20958 x_refsource_REDHAT vendor-advisory
- RHSA-2025:20960 x_refsource_REDHAT vendor-advisory
- RHSA-2025:20961 x_refsource_REDHAT vendor-advisory
- RHSA-2025:21035 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22040 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22041 x_refsource_REDHAT vendor-advisory
- https://lists.debian.org/debian-lts-announce/2025/10/msg00033.html
- http://www.openwall.com/lists/oss-security/2025/10/28/7
- RHSA-2025:19432 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19433 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19434 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19435 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19489 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19623 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19909 x_refsource_REDHAT vendor-advisory
- RHSA-2025:20958 x_refsource_REDHAT vendor-advisory
- RHSA-2025:20960 x_refsource_REDHAT vendor-advisory
- RHSA-2025:20961 x_refsource_REDHAT vendor-advisory
- RHSA-2025:21035 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22040 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22041 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22051 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22055 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22056 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22077 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22096 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22164 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22167 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22364 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22365 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22426 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22427 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22667 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22729 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22742 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22753 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-62229 x_refsource_REDHAT vdb-entry
- RHBZ#2402649 issue-tracking x_refsource_REDHAT
- https://lists.debian.org/debian-lts-announce/2025/10/msg00033.html
- http://www.openwall.com/lists/oss-security/2025/10/28/7
- RHSA-2025:19432 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19433 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19434 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19435 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19489 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19623 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19909 x_refsource_REDHAT vendor-advisory
- RHSA-2025:20958 x_refsource_REDHAT vendor-advisory
- RHSA-2025:20960 x_refsource_REDHAT vendor-advisory
- RHSA-2025:20961 x_refsource_REDHAT vendor-advisory
- RHSA-2025:21035 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22040 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22041 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22051 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22055 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22056 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22077 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22096 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22164 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22167 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22364 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22365 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22426 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22427 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22667 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22729 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22742 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22753 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-62229 x_refsource_REDHAT vdb-entry
- RHBZ#2402649 issue-tracking x_refsource_REDHAT
- https://lists.debian.org/debian-lts-announce/2025/10/msg00033.html
- http://www.openwall.com/lists/oss-security/2025/10/28/7
- RHSA-2025:22056 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22077 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22096 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22164 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22167 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22364 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22365 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22426 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22427 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22667 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22729 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22742 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22753 x_refsource_REDHAT vendor-advisory
- RHSA-2026:0031 x_refsource_REDHAT vendor-advisory
- RHSA-2026:0033 x_refsource_REDHAT vendor-advisory
- RHSA-2026:0034 x_refsource_REDHAT vendor-advisory
- RHSA-2026:0035 x_refsource_REDHAT vendor-advisory
- RHSA-2026:0036 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2025-62229 x_refsource_REDHAT vdb-entry
- RHBZ#2402649 issue-tracking x_refsource_REDHAT
- RHSA-2025:19432 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19433 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19434 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19435 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19489 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19623 x_refsource_REDHAT vendor-advisory
- RHSA-2025:19909 x_refsource_REDHAT vendor-advisory
- RHSA-2025:20958 x_refsource_REDHAT vendor-advisory
- RHSA-2025:20960 x_refsource_REDHAT vendor-advisory
- RHSA-2025:20961 x_refsource_REDHAT vendor-advisory
- RHSA-2025:21035 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22040 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22041 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22051 x_refsource_REDHAT vendor-advisory
- RHSA-2025:22055 x_refsource_REDHAT vendor-advisory
- https://lists.debian.org/debian-lts-announce/2025/10/msg00033.html
- http://www.openwall.com/lists/oss-security/2025/10/28/7
Affected products
tigervnc
- *
xwayland
- <24.1.9
xorg-x11-server
- *
xorg-x11-server-Xwayland
- *