Automatically generated suggestions

to slate a suggestion for refinement.

to mark a suggestion as irrelevant and log the reason.

View:

Compact

Detailed

Permalink CVE-2025-6019

7.0 HIGH

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): HIGH
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 6 months ago

Libblockdev: lpe from allow_active to root in libblockdev via udisks

A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the "allow_active" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an "allow_active" user on a system may be able escalate to full root privileges on the target host. Normally, udisks mounts user-provided filesystem images with security flags like nosuid and nodev to prevent privilege escalation. However, a local attacker can create a specially crafted XFS image containing a SUID-root shell, then trick udisks into resizing it. This mounts their malicious filesystem with root privileges, allowing them to execute their SUID-root shell and gain complete control of the system.

References

https://access.redhat.com/security/cve/CVE-2025-6019 x_refsource_REDHAT vdb-entry
RHBZ#2370051 issue-tracking x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2025/06/18/1
http://www.openwall.com/lists/oss-security/2025/06/17/5
http://www.openwall.com/lists/oss-security/2025/06/17/6
https://lists.debian.org/debian-lts-announce/2025/06/msg00018.html
https://access.redhat.com/security/cve/CVE-2025-6019 x_refsource_REDHAT vdb-entry
RHBZ#2370051 issue-tracking x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2025/06/18/1
http://www.openwall.com/lists/oss-security/2025/06/17/5
http://www.openwall.com/lists/oss-security/2025/06/17/6
https://lists.debian.org/debian-lts-announce/2025/06/msg00018.html
https://cdn2.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt
https://access.redhat.com/security/cve/CVE-2025-6019 x_refsource_REDHAT vdb-entry
RHBZ#2370051 issue-tracking x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2025/06/17/5
http://www.openwall.com/lists/oss-security/2025/06/17/6
https://lists.debian.org/debian-lts-announce/2025/06/msg00018.html
http://www.openwall.com/lists/oss-security/2025/06/18/1
RHSA-2025:9320 vendor-advisory x_refsource_REDHAT
RHSA-2025:9321 vendor-advisory x_refsource_REDHAT
RHSA-2025:9322 vendor-advisory x_refsource_REDHAT
RHSA-2025:9323 vendor-advisory x_refsource_REDHAT
RHSA-2025:9324 vendor-advisory x_refsource_REDHAT
RHSA-2025:9325 vendor-advisory x_refsource_REDHAT
RHSA-2025:9326 vendor-advisory x_refsource_REDHAT
RHSA-2025:9327 vendor-advisory x_refsource_REDHAT
RHSA-2025:9328 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-6019 x_refsource_REDHAT vdb-entry
RHBZ#2370051 issue-tracking x_refsource_REDHAT
https://cdn2.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt
http://www.openwall.com/lists/oss-security/2025/06/17/5
http://www.openwall.com/lists/oss-security/2025/06/17/6
https://lists.debian.org/debian-lts-announce/2025/06/msg00018.html
http://www.openwall.com/lists/oss-security/2025/06/18/1
https://www.bleepingcomputer.com/news/linux/new-linux-udisks-flaw-lets-attacker…
https://news.ycombinator.com/item?id=44325861
RHSA-2025:9320 vendor-advisory x_refsource_REDHAT
RHSA-2025:9321 vendor-advisory x_refsource_REDHAT
RHSA-2025:9322 vendor-advisory x_refsource_REDHAT
RHSA-2025:9323 vendor-advisory x_refsource_REDHAT
RHSA-2025:9324 vendor-advisory x_refsource_REDHAT
RHSA-2025:9325 vendor-advisory x_refsource_REDHAT
RHSA-2025:9326 vendor-advisory x_refsource_REDHAT
RHSA-2025:9327 vendor-advisory x_refsource_REDHAT
RHSA-2025:9328 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-6019 x_refsource_REDHAT vdb-entry
RHBZ#2370051 issue-tracking x_refsource_REDHAT
https://cdn2.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt
http://www.openwall.com/lists/oss-security/2025/06/17/5
http://www.openwall.com/lists/oss-security/2025/06/17/6
https://lists.debian.org/debian-lts-announce/2025/06/msg00018.html
http://www.openwall.com/lists/oss-security/2025/06/18/1
https://www.bleepingcomputer.com/news/linux/new-linux-udisks-flaw-lets-attacker…
https://news.ycombinator.com/item?id=44325861
RHSA-2025:9326 vendor-advisory x_refsource_REDHAT
RHSA-2025:9327 vendor-advisory x_refsource_REDHAT
RHSA-2025:9328 vendor-advisory x_refsource_REDHAT
RHSA-2025:9878 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-6019 x_refsource_REDHAT vdb-entry
RHBZ#2370051 issue-tracking x_refsource_REDHAT
https://cdn2.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt
RHSA-2025:9320 vendor-advisory x_refsource_REDHAT
RHSA-2025:9321 vendor-advisory x_refsource_REDHAT
RHSA-2025:9322 vendor-advisory x_refsource_REDHAT
RHSA-2025:9323 vendor-advisory x_refsource_REDHAT
RHSA-2025:9324 vendor-advisory x_refsource_REDHAT
RHSA-2025:9325 vendor-advisory x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2025/06/17/5
http://www.openwall.com/lists/oss-security/2025/06/17/6
https://lists.debian.org/debian-lts-announce/2025/06/msg00018.html
http://www.openwall.com/lists/oss-security/2025/06/18/1
https://www.bleepingcomputer.com/news/linux/new-linux-udisks-flaw-lets-attacker…
https://news.ycombinator.com/item?id=44325861
RHSA-2025:9326 vendor-advisory x_refsource_REDHAT
RHSA-2025:9327 vendor-advisory x_refsource_REDHAT
RHSA-2025:9328 vendor-advisory x_refsource_REDHAT
RHSA-2025:9878 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-6019 x_refsource_REDHAT vdb-entry
RHBZ#2370051 issue-tracking x_refsource_REDHAT
https://cdn2.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt
RHSA-2025:10796 vendor-advisory x_refsource_REDHAT
RHSA-2025:9320 vendor-advisory x_refsource_REDHAT
RHSA-2025:9321 vendor-advisory x_refsource_REDHAT
RHSA-2025:9322 vendor-advisory x_refsource_REDHAT
RHSA-2025:9323 vendor-advisory x_refsource_REDHAT
RHSA-2025:9324 vendor-advisory x_refsource_REDHAT
RHSA-2025:9325 vendor-advisory x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2025/06/17/5
http://www.openwall.com/lists/oss-security/2025/06/17/6
https://lists.debian.org/debian-lts-announce/2025/06/msg00018.html
http://www.openwall.com/lists/oss-security/2025/06/18/1
https://www.bleepingcomputer.com/news/linux/new-linux-udisks-flaw-lets-attacker…
https://news.ycombinator.com/item?id=44325861
RHSA-2025:9321 vendor-advisory x_refsource_REDHAT
RHSA-2025:9322 vendor-advisory x_refsource_REDHAT
RHSA-2025:9323 vendor-advisory x_refsource_REDHAT
RHSA-2025:9324 vendor-advisory x_refsource_REDHAT
RHSA-2025:9325 vendor-advisory x_refsource_REDHAT
RHSA-2025:9326 vendor-advisory x_refsource_REDHAT
RHSA-2025:9327 vendor-advisory x_refsource_REDHAT
RHSA-2025:9328 vendor-advisory x_refsource_REDHAT
RHSA-2025:9878 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-6019 x_refsource_REDHAT vdb-entry
RHBZ#2370051 issue-tracking x_refsource_REDHAT
https://cdn2.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt
RHSA-2025:10796 vendor-advisory x_refsource_REDHAT
RHSA-2025:9320 vendor-advisory x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2025/06/17/5
http://www.openwall.com/lists/oss-security/2025/06/17/6
https://lists.debian.org/debian-lts-announce/2025/06/msg00018.html
http://www.openwall.com/lists/oss-security/2025/06/18/1
https://www.bleepingcomputer.com/news/linux/new-linux-udisks-flaw-lets-attacker…
https://news.ycombinator.com/item?id=44325861
RHSA-2025:9327 vendor-advisory x_refsource_REDHAT
RHSA-2025:9328 vendor-advisory x_refsource_REDHAT
RHSA-2025:9878 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-6019 x_refsource_REDHAT vdb-entry
RHBZ#2370051 issue-tracking x_refsource_REDHAT
https://cdn2.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt
RHSA-2025:10796 vendor-advisory x_refsource_REDHAT
RHSA-2025:9320 vendor-advisory x_refsource_REDHAT
RHSA-2025:9321 vendor-advisory x_refsource_REDHAT
RHSA-2025:9322 vendor-advisory x_refsource_REDHAT
RHSA-2025:9323 vendor-advisory x_refsource_REDHAT
RHSA-2025:9324 vendor-advisory x_refsource_REDHAT
RHSA-2025:9325 vendor-advisory x_refsource_REDHAT
RHSA-2025:9326 vendor-advisory x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2025/06/17/5
http://www.openwall.com/lists/oss-security/2025/06/17/6
https://lists.debian.org/debian-lts-announce/2025/06/msg00018.html
http://www.openwall.com/lists/oss-security/2025/06/18/1
https://www.bleepingcomputer.com/news/linux/new-linux-udisks-flaw-lets-attacker…
https://news.ycombinator.com/item?id=44325861
RHSA-2025:9326 vendor-advisory x_refsource_REDHAT
RHSA-2025:9327 vendor-advisory x_refsource_REDHAT
RHSA-2025:9328 vendor-advisory x_refsource_REDHAT
RHSA-2025:9878 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-6019 x_refsource_REDHAT vdb-entry
RHBZ#2370051 issue-tracking x_refsource_REDHAT
https://cdn2.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt
RHSA-2025:10796 vendor-advisory x_refsource_REDHAT
RHSA-2025:9320 vendor-advisory x_refsource_REDHAT
RHSA-2025:9321 vendor-advisory x_refsource_REDHAT
RHSA-2025:9322 vendor-advisory x_refsource_REDHAT
RHSA-2025:9323 vendor-advisory x_refsource_REDHAT
RHSA-2025:9324 vendor-advisory x_refsource_REDHAT
RHSA-2025:9325 vendor-advisory x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2025/06/17/5
http://www.openwall.com/lists/oss-security/2025/06/17/6
https://lists.debian.org/debian-lts-announce/2025/06/msg00018.html
http://www.openwall.com/lists/oss-security/2025/06/18/1
https://www.bleepingcomputer.com/news/linux/new-linux-udisks-flaw-lets-attacker…
https://news.ycombinator.com/item?id=44325861

Affected products

libblockdev

<3.3.1
*

Matching in nixpkgs

pkgs.libblockdev

Library for manipulating block devices

nixos-unstable -
- nixpkgs-unstable 3.3.0

Package maintainers

@JohnAZoidberg Daniel Schäfer <git@danielschaefer.me>

Permalink CVE-2025-6384

created 6 months ago

Improper Control of Dynamically-Managed Code Resources in Crafter Studio

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE (Remote Code Execution). This issue affects CrafterCMS: from 4.0.0 through 4.2.2.

References

Affected products

Studio

<4.3.0

Matching in nixpkgs

pkgs.rstudio

Set of integrated tools for the R language

nixos-unstable -
- nixpkgs-unstable 2025.05.1+513

pkgs.rstudio-server

Set of integrated tools for the R language

nixos-unstable -
- nixpkgs-unstable 2025.05.1+513

pkgs.rstudioWrapper

None

nixos-unstable -
- nixpkgs-unstable 2025.05.1+513-wrapper

pkgs.rstudioServerWrapper

None

nixos-unstable -
- nixpkgs-unstable 2025.05.1+513-wrapper

pkgs.vscode-extensions.visualstudiotoolsforunity.vstuc

Integrates Visual Studio Code for Unity

nixos-unstable -
- nixpkgs-unstable 1.1.3

pkgs.vscode-extensions.visualstudioexptteam.vscodeintellicode

AI-assisted development

nixos-unstable -
- nixpkgs-unstable 1.3.2

pkgs.vscode-extensions.visualstudioexptteam.intellicode-api-usage-examples

See relevant code examples from GitHub for over 100K different APIs right in your editor

nixos-unstable -
- nixpkgs-unstable 0.2.9

Package maintainers

@cfhammill Chris Hammill <cfhammill@gmail.com>
@ciil Simon Lackerbauer <simon@lackerbauer.com>
@TomaSajt TomaSajt
@TheMaxMur Maxim Muravev <muravjev.mak@yandex.ru>
@mibmo mib <mib@kanp.ai>

Permalink CVE-2025-49254

8.1 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): HIGH
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 6 months ago

WordPress Nika <= 1.2.8 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Nika allows PHP Local File Inclusion. This issue affects Nika: from n/a through 1.2.8.

References

Affected products

nika

=<1.2.8

Matching in nixpkgs

pkgs.nika-fonts

Persian/Arabic Open Source Font

nixos-unstable -
- nixpkgs-unstable 1.0.0

pkgs.python312Packages.minikanren

Relational programming in Python

nixos-unstable -
- nixpkgs-unstable 1.0.5

pkgs.python313Packages.minikanren

Relational programming in Python

nixos-unstable -
- nixpkgs-unstable 1.0.5

Package maintainers

@Etjean Etienne Jean <et.jean@outlook.fr>

Permalink CVE-2025-49179

6.6 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): LOW
Integrity impact (I): LOW
Availability impact (A): HIGH

created 6 months ago

Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x record extension

A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.

References

https://access.redhat.com/security/cve/CVE-2025-49179 x_refsource_REDHAT vdb-entry
RHBZ#2369978 issue-tracking x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49179 x_refsource_REDHAT vdb-entry
RHBZ#2369978 issue-tracking x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49179 x_refsource_REDHAT vdb-entry
RHBZ#2369978 issue-tracking x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49179 x_refsource_REDHAT vdb-entry
RHBZ#2369978 issue-tracking x_refsource_REDHAT
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49179 x_refsource_REDHAT vdb-entry
RHBZ#2369978 issue-tracking x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49179 x_refsource_REDHAT vdb-entry
RHBZ#2369978 issue-tracking x_refsource_REDHAT
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49179 x_refsource_REDHAT vdb-entry
RHBZ#2369978 issue-tracking x_refsource_REDHAT
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49179 x_refsource_REDHAT vdb-entry
RHBZ#2369978 issue-tracking x_refsource_REDHAT
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49179 x_refsource_REDHAT vdb-entry
RHBZ#2369978 issue-tracking x_refsource_REDHAT
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49179 x_refsource_REDHAT vdb-entry
RHBZ#2369978 issue-tracking x_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49179 x_refsource_REDHAT vdb-entry
RHBZ#2369978 issue-tracking x_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49179 x_refsource_REDHAT vdb-entry
RHBZ#2369978 issue-tracking x_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49179 x_refsource_REDHAT vdb-entry
RHBZ#2369978 issue-tracking x_refsource_REDHAT
https://gitlab.freedesktop.org/xorg/xserver/-/commit/2bde9ca49a8fd9a1e6697d5e7e…
https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49179 x_refsource_REDHAT vdb-entry
RHBZ#2369978 issue-tracking x_refsource_REDHAT
https://gitlab.freedesktop.org/xorg/xserver/-/commit/2bde9ca49a8fd9a1e6697d5e7e…
https://www.x.org/wiki/Development/Security/
https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html

Affected products

tigervnc

xwayland

<24.1.7

xorg-x11-server

xorg-x11-server-Xwayland

Matching in nixpkgs

pkgs.tigervnc

Fork of tightVNC, made in cooperation with VirtualGL

nixos-unstable -
- nixpkgs-unstable 1.15.0

Permalink CVE-2025-49175

5.5 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 6 months ago

Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: out-of-bounds read in x rendering extension animated cursors

A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash.

References

https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
https://gitlab.freedesktop.org/xorg/xserver/-/commit/0885e0b26225c90534642fe911…
https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2024
https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
https://gitlab.freedesktop.org/xorg/xserver/-/commit/0885e0b26225c90534642fe911…
https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2024
https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2024
https://www.x.org/wiki/Development/Security/
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49175 x_refsource_REDHAT vdb-entry
RHBZ#2369947 issue-tracking x_refsource_REDHAT
https://gitlab.freedesktop.org/xorg/xserver/-/commit/0885e0b26225c90534642fe911…
https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html

Affected products

tigervnc

xwayland

<24.1.8

xorg-x11-server

xorg-x11-server-Xwayland

Matching in nixpkgs

pkgs.tigervnc

Fork of tightVNC, made in cooperation with VirtualGL

nixos-unstable -
- nixpkgs-unstable 1.15.0

Permalink CVE-2025-49176

6.6 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): LOW
Integrity impact (I): LOW
Availability impact (A): HIGH

created 6 months ago

Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in big requests extension

A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check.

References

https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
RHBZ#2369954 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
RHBZ#2369954 issue-tracking x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2025/06/18/2
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
RHBZ#2369954 issue-tracking x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2025/06/18/2
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
RHBZ#2369954 issue-tracking x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2025/06/18/2
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
RHBZ#2369954 issue-tracking x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2025/06/18/2
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
RHBZ#2369954 issue-tracking x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2025/06/18/2
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
RHBZ#2369954 issue-tracking x_refsource_REDHAT
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2025/06/18/2
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
RHBZ#2369954 issue-tracking x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2025/06/18/2
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
RHBZ#2369954 issue-tracking x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2025/06/18/2
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
RHBZ#2369954 issue-tracking x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2025/06/18/2
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
RHBZ#2369954 issue-tracking x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2025/06/18/2
https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
RHBZ#2369954 issue-tracking x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2025/06/18/2
https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
RHBZ#2369954 issue-tracking x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2025/06/18/2
https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
RHBZ#2369954 issue-tracking x_refsource_REDHAT
https://gitlab.freedesktop.org/xorg/xserver/-/commit/03731b326a80b582e48d939fe6…
https://gitlab.freedesktop.org/xorg/xserver/-/commit/4fc4d76b2c7aaed61ed2653f99…
http://www.openwall.com/lists/oss-security/2025/06/18/2
https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
RHSA-2025:10258 vendor-advisory x_refsource_REDHAT
RHSA-2025:10342 vendor-advisory x_refsource_REDHAT
RHSA-2025:10343 vendor-advisory x_refsource_REDHAT
RHSA-2025:10344 vendor-advisory x_refsource_REDHAT
RHSA-2025:10346 vendor-advisory x_refsource_REDHAT
RHSA-2025:10347 vendor-advisory x_refsource_REDHAT
RHSA-2025:10348 vendor-advisory x_refsource_REDHAT
RHSA-2025:10349 vendor-advisory x_refsource_REDHAT
RHSA-2025:10350 vendor-advisory x_refsource_REDHAT
RHSA-2025:10351 vendor-advisory x_refsource_REDHAT
RHSA-2025:10352 vendor-advisory x_refsource_REDHAT
RHSA-2025:10355 vendor-advisory x_refsource_REDHAT
RHSA-2025:10356 vendor-advisory x_refsource_REDHAT
RHSA-2025:10360 vendor-advisory x_refsource_REDHAT
RHSA-2025:10370 vendor-advisory x_refsource_REDHAT
RHSA-2025:10374 vendor-advisory x_refsource_REDHAT
RHSA-2025:10375 vendor-advisory x_refsource_REDHAT
RHSA-2025:10376 vendor-advisory x_refsource_REDHAT
RHSA-2025:10377 vendor-advisory x_refsource_REDHAT
RHSA-2025:10378 vendor-advisory x_refsource_REDHAT
RHSA-2025:10381 vendor-advisory x_refsource_REDHAT
RHSA-2025:10410 vendor-advisory x_refsource_REDHAT
RHSA-2025:9303 vendor-advisory x_refsource_REDHAT
RHSA-2025:9304 vendor-advisory x_refsource_REDHAT
RHSA-2025:9305 vendor-advisory x_refsource_REDHAT
RHSA-2025:9306 vendor-advisory x_refsource_REDHAT
RHSA-2025:9392 vendor-advisory x_refsource_REDHAT
RHSA-2025:9964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49176 x_refsource_REDHAT vdb-entry
RHBZ#2369954 issue-tracking x_refsource_REDHAT
https://gitlab.freedesktop.org/xorg/xserver/-/commit/03731b326a80b582e48d939fe6…
https://gitlab.freedesktop.org/xorg/xserver/-/commit/4fc4d76b2c7aaed61ed2653f99…
https://www.x.org/wiki/Development/Security/
http://www.openwall.com/lists/oss-security/2025/06/18/2
https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html

Affected products

tigervnc

xwayland

<24.1.7

xorg-x11-server

xorg-x11-server-Xwayland

Matching in nixpkgs

pkgs.tigervnc

Fork of tightVNC, made in cooperation with VirtualGL

nixos-unstable -
- nixpkgs-unstable 1.15.0

Permalink CVE-2025-24761

8.1 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): HIGH
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 6 months ago

WordPress DSK <= 2.2 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme DSK allows PHP Local File Inclusion. This issue affects DSK: from n/a through 2.2.

References

https://patchstack.com/database/wordpress/theme/dsk/vulnerability/wordpress-dsk… vdb-entry

Affected products

dsk

=<2.2

Matching in nixpkgs

pkgs.idsk

Manipulating CPC dsk images and files

nixos-unstable -
- nixpkgs-unstable 0.20

pkgs.libdsk

Library for accessing discs and disc image files

nixos-unstable -
- nixpkgs-unstable 1.5.22

pkgs.robotfindskitten

Yet another zen simulation; A simple find-the-kitten game

nixos-unstable -
- nixpkgs-unstable 2.8284271.702

pkgs.python312Packages.pmdsky-debug-py

Autogenerated and statically check-able pmdsky-debug symbol definitions for Python

nixos-unstable -
- nixpkgs-unstable 10.0.48

pkgs.python313Packages.pmdsky-debug-py

Autogenerated and statically check-able pmdsky-debug symbol definitions for Python

nixos-unstable -
- nixpkgs-unstable 10.0.48

Package maintainers

@wegank Weijia Wang <contact@weijia.wang>
@marius851000 Marius David <nix@mariusdavid.fr>

Permalink CVE-2025-31919

9.8 CRITICAL

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 6 months ago

WordPress Spare <= 1.7 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in themeton Spare allows Object Injection. This issue affects Spare: from n/a through 1.7.

References

https://patchstack.com/database/wordpress/theme/spare/vulnerability/wordpress-s… vdb-entry

Affected products

spare

=<1.7

Matching in nixpkgs

pkgs.asciiquarium-transparent

Aquarium/sea animation in ASCII art (with option of transparent background)

nixos-unstable -
- nixpkgs-unstable 1.4

pkgs.materia-theme-transparent

Transparent Material Design theme for GNOME/GTK based desktop environments

nixos-unstable -
- nixpkgs-unstable 0-unstable-2021-03-22

pkgs.gnomeExtensions.transparent-top-bar

Bring back the transparent top bar when free-floating in GNOME Shell 3.32.

nixos-unstable -
- nixpkgs-unstable 24

pkgs.gnomeExtensions.transparent-window-moving

Makes the window semi-transparent when moving or resizing

nixos-unstable -
- nixpkgs-unstable 19

pkgs.sway-contrib.inactive-windows-transparency

It makes inactive sway windows transparent

nixos-unstable -
- nixpkgs-unstable 0-unstable-2024-03-19

pkgs.gnomeExtensions.transparent-top-bar-adjustable-transparency

Fork of: https://github.com/zhanghai/gnome-shell-extension-transparent-top-bar

nixos-unstable -
- nixpkgs-unstable 24

Package maintainers

@quantenzitrone quantenzitrone <nix@dev.quantenzitrone.eu>
@honnip Jung seungwoo <me@honnip.page>
@CorbinWunderlich Corbin Wunderlich <corbin@wcopy.net>
@evils Evils <evils.devils@protonmail.com>

Permalink CVE-2025-6199

3.3 LOW

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): LOW
Integrity impact (I): NONE
Availability impact (A): NONE

created 6 months ago

Gdk-pixbuf: uninitialized memory disclosure in gdkpixbuf gif lzw decoder

A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the buffer being included in the output, potentially leaking arbitrary memory contents in the processed image.

References

https://access.redhat.com/security/cve/CVE-2025-6199 x_refsource_REDHAT vdb-entry
RHBZ#2373147 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-6199 x_refsource_REDHAT vdb-entry
RHBZ#2373147 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-6199 x_refsource_REDHAT vdb-entry
RHBZ#2373147 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-6199 x_refsource_REDHAT vdb-entry
RHBZ#2373147 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-6199 x_refsource_REDHAT vdb-entry
RHBZ#2373147 issue-tracking x_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2025/06/msg00023.html
https://access.redhat.com/security/cve/CVE-2025-6199 x_refsource_REDHAT vdb-entry
RHBZ#2373147 issue-tracking x_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2025/06/msg00023.html

Affected products

loupe

librsvg2

snapshot

gdk-pixbuf

<2.43.2

gdk-pixbuf2

glycin-loaders

Matching in nixpkgs

pkgs.loupe

Simple image viewer application written with GTK4 and Rust

nixos-unstable -
- nixpkgs-unstable 48.1

pkgs.snapshot

Take pictures and videos on your computer, tablet, or phone

nixos-unstable -
- nixpkgs-unstable 48.0.1

pkgs.rsnapshot

Filesystem snapshot utility for making backups of local and remote systems

nixos-unstable -
- nixpkgs-unstable 1.5.1

pkgs.aj-snapshot

Tool for storing/restoring JACK and/or ALSA connections to/from cml files

nixos-unstable -
- nixpkgs-unstable 0.9.9

pkgs.glycin-loaders

Glycin loaders for several formats

nixos-unstable -
- nixpkgs-unstable 1.2.3

pkgs.nix-snapshotter

Brings native understanding of Nix packages to containerd

nixos-unstable -
- nixpkgs-unstable 0.3.0

pkgs.btrfs-auto-snapshot

BTRFS Automatic Snapshot Service for Linux

nixos-unstable -
- nixpkgs-unstable 2.0.4

pkgs.zfs-prune-snapshots

Remove snapshots from one or more zpools that match given criteria

nixos-unstable -
- nixpkgs-unstable 1.5.0

pkgs.python312Packages.torchsnapshot

Performant, memory-efficient checkpointing library for PyTorch applications, designed with large, complex distributed workloads in mind

nixos-unstable -
- nixpkgs-unstable 0.1.0

pkgs.python313Packages.torchsnapshot

Performant, memory-efficient checkpointing library for PyTorch applications, designed with large, complex distributed workloads in mind

nixos-unstable -
- nixpkgs-unstable 0.1.0

pkgs.python312Packages.inline-snapshot

Create and update inline snapshots in Python tests

nixos-unstable -
- nixpkgs-unstable 0.24.0

pkgs.python312Packages.pytest-snapshot

Plugin to enable snapshot testing with pytest

nixos-unstable -
- nixpkgs-unstable 0.9.0

pkgs.python313Packages.inline-snapshot

Create and update inline snapshots in Python tests

nixos-unstable -
- nixpkgs-unstable 0.24.0

pkgs.python313Packages.pytest-snapshot

Plugin to enable snapshot testing with pytest

nixos-unstable -
- nixpkgs-unstable 0.9.0

pkgs.python312Packages.snapshot-restore-py

Snapshot Restore for Python library which can be used for registering runtime hooks in Snapstart enabled Python Lambda functions

nixos-unstable -
- nixpkgs-unstable 1.0.0

pkgs.python313Packages.snapshot-restore-py

Snapshot Restore for Python library which can be used for registering runtime hooks in Snapstart enabled Python Lambda functions

nixos-unstable -
- nixpkgs-unstable 1.0.0

pkgs.python312Packages.pytest-textual-snapshot

Snapshot testing for Textual applications

nixos-unstable -
- nixpkgs-unstable 1.1.0

pkgs.python313Packages.pytest-textual-snapshot

Snapshot testing for Textual applications

nixos-unstable -
- nixpkgs-unstable 1.1.0

Package maintainers

@mrVanDalo Ingolf Wanger <contact@ingolf-wagner.de>
@motiejus Motiejus Jakštys <motiejus@jakstys.lt>
@jtojnar Jan Tojnar <jtojnar@gmail.com>
@bobby285271 Bobby Rong <rjl931189261@126.com>
@dasj19 Daniel Șerbănescu <daniel@serbanescu.dk>
@hedning Tor Hedin Brønner <torhedinbronner@gmail.com>
@06kellyjac Jack <hello+nixpkgs@j-k.io>
@elpdt852 Edgar Lee <nix@pdtpartners.com>
@fabaff Fabian Affolter <mail@fabian-affolter.ch>
@austinbutler Austin Butler <austinabutler@gmail.com>
@GaetanLepage Gaetan Lepage <gaetan@glepage.com>
@liberodark liberodark <liberodark@gmail.com>
@ymarkus Yannick Markus <nixpkgs@ymarkus.dev>

Permalink CVE-2025-6196

5.5 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 6 months ago

Libgepub: integer overflow in libgepub's epub archive handling

A flaw was found in libgepub, a library used to read EPUB files. The software mishandles file size calculations when opening specially crafted EPUB files, leading to incorrect memory allocations. This issue causes the application to crash. Known affected usage includes desktop services like Tumbler, which may process malicious files automatically when browsing directories. While no direct remote attack vectors are confirmed, any application using libgepub to parse user-supplied EPUB content could be vulnerable to a denial of service.

References

https://access.redhat.com/security/cve/CVE-2025-6196 x_refsource_REDHAT vdb-entry
RHBZ#2373117 issue-tracking x_refsource_REDHAT
https://gitlab.gnome.org/GNOME/libgepub/-/issues/18
https://gitlab.gnome.org/GNOME/libgepub/-/issues/18
https://access.redhat.com/security/cve/CVE-2025-6196 x_refsource_REDHAT vdb-entry
RHBZ#2373117 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-6196 x_refsource_REDHAT vdb-entry
RHBZ#2373117 issue-tracking x_refsource_REDHAT
https://gitlab.gnome.org/GNOME/libgepub/-/issues/18
https://access.redhat.com/security/cve/CVE-2025-6196 x_refsource_REDHAT vdb-entry
RHBZ#2373117 issue-tracking x_refsource_REDHAT
https://gitlab.gnome.org/GNOME/libgepub/-/issues/18

Affected products

libgepub

<0.7.2

Matching in nixpkgs

pkgs.libgepub

GObject based library for handling and rendering epub documents

nixos-unstable -
- nixpkgs-unstable 0.7.3

Package maintainers

@hedning Tor Hedin Brønner <torhedinbronner@gmail.com>
@jtojnar Jan Tojnar <jtojnar@gmail.com>
@dasj19 Daniel Șerbănescu <daniel@serbanescu.dk>
@bobby285271 Bobby Rong <rjl931189261@126.com>