Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-62229

Опубликовано: 30 окт. 2025
Источник: debian
EPSS Низкий

Описание

A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
xorg-serverfixed2:21.1.20-1package
xwaylandfixed2:24.1.9-1package
xwaylandignoredtrixiepackage
xwaylandignoredbookwormpackage

Примечания

  • https://lists.x.org/archives/xorg-announce/2025-October/003635.html

  • Fixed by: https://gitlab.freedesktop.org/xorg/xserver/-/commit/5a4286b13f631b66c20f5bc8db7b68211dcbd1d0

  • Fixed by: https://gitlab.freedesktop.org/xorg/xserver/-/commit/554dfabfbc23c3e74997e09c13f5424a60daf9ee (xorg-server-21.1.19)

EPSS

Процентиль: 3%
0.00016
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2025-62229

CVSS3: 7.3
ubuntu
3 месяца назад

A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service.

nvd логотип

CVE-2025-62229

CVSS3: 7.3
nvd
3 месяца назад

A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service.

msrc логотип

CVE-2025-62229

CVSS3: 7.8
msrc
3 месяца назад

Xorg: xmayland: use-after-free in xpresentnotify structure creation

github логотип

GHSA-49pm-cgmh-hw25

CVSS3: 7.3
github
3 месяца назад

A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service.

fstec логотип

BDU:2025-15933

CVSS3: 7.3
fstec
3 месяца назад

Уязвимость функции present_create_notifies реализации протокола Wayland для X.Org XWayland и реализации сервера X Window System X.Org Server, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

EPSS

Процентиль: 3%
0.00016
Низкий