Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-49179

Опубликовано: 17 июн. 2025
Источник: debian
EPSS Низкий

Описание

A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
xorg-serverfixed2:21.1.16-1.2package
xwaylandunfixedpackage
xwaylandignoredbookwormpackage

Примечания

  • Fixed by: https://gitlab.freedesktop.org/xorg/xserver/-/commit/2bde9ca49a8fd9a1e6697d5e7ef837870d66f5d4

EPSS

Процентиль: 3%
0.00019
Низкий

Связанные уязвимости

CVSS3: 7.3
ubuntu
около 2 месяцев назад

A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.

CVSS3: 7.3
redhat
около 2 месяцев назад

A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.

CVSS3: 7.3
nvd
около 2 месяцев назад

A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.

CVSS3: 6.6
github
около 2 месяцев назад

A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.

CVSS3: 6.6
fstec
4 месяца назад

Уязвимость функции RecordSanityCheckRegisterClients() сервера X Window System Xorg-server, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 3%
0.00019
Низкий