Description
A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check.
Report
This vulnerability is rated as important severity. The flaw is in the Big Requests extension of the X.Org X server, where the length of a client request is multiplied by 4 before it is validated against the maximum allowed size. With a sufficiently large length value this multiplication overflows, producing a wrapped-around total length that appears valid to the size check and leads to out-of-bounds memory access. Successful exploitation can cause a denial of service by crashing the server and may permit memory corruption, compromising system integrity and availability.
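The "multiply before check" pattern described above, shown as a constructed illustration beside two hardened forms. This is an added example, not xorg-server code; the 4 MiB limit and the function names are assumptions chosen for the demonstration.

```c
#include <stdint.h>
#include <stdbool.h>

/* Hypothetical maximum request size in bytes (assumed value, not the
   X server's real limit). X protocol lengths are counted in 4-byte units,
   which is why the server converts them to bytes with a multiply by 4. */
#define MAX_REQUEST_BYTES ((uint32_t)(1u << 22))

/* Vulnerable pattern: convert to bytes first, compare second. The product
   is computed in 32 bits, so a large unit count wraps modulo 2^32 and a
   huge request can pass as a tiny one (e.g. 0x40000001 units -> 4 bytes). */
bool length_ok_vulnerable(uint32_t len_units)
{
    uint32_t bytes = len_units * 4u;   /* may wrap */
    return bytes <= MAX_REQUEST_BYTES;
}

/* Hardened pattern 1: bound the unit count before multiplying, so the
   product can never exceed the limit, let alone UINT32_MAX. */
bool length_ok_fixed(uint32_t len_units)
{
    return len_units <= MAX_REQUEST_BYTES / 4u;
}

/* Hardened pattern 2: widen to 64 bits so the multiplication cannot wrap.
   Equivalent in effect to pattern 1; useful when the limit is not a
   compile-time constant. */
bool length_ok_widened(uint32_t len_units)
{
    uint64_t bytes = (uint64_t)len_units * 4u;
    return bytes <= MAX_REQUEST_BYTES;
}

/* Audit helper: true when the vulnerable check accepts a length that the
   corrected check rejects, i.e. the length triggers the wrap. */
bool checks_disagree(uint32_t len_units)
{
    return length_ok_vulnerable(len_units) && !length_ok_fixed(len_units);
}
```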
Mitigation
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
Affected packages
Platform | Package | State | Advisory | Release
---|---|---|---|---
Red Hat Enterprise Linux 6 | xorg-x11-server | Will not fix | |
Red Hat Enterprise Linux 10 | xorg-x11-server-Xwayland | Fixed | RHSA-2025:9304 | 23.06.2025
Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION | tigervnc | Fixed | RHSA-2025:10377 | 07.07.2025
Red Hat Enterprise Linux 7.7 Advanced Update Support | tigervnc | Fixed | RHSA-2025:10376 | 07.07.2025
Red Hat Enterprise Linux 7 Extended Lifecycle Support | xorg-x11-server | Fixed | RHSA-2025:10360 | 07.07.2025
Red Hat Enterprise Linux 7 Extended Lifecycle Support | tigervnc | Fixed | RHSA-2025:10375 | 07.07.2025
Red Hat Enterprise Linux 8 | xorg-x11-server | Fixed | RHSA-2025:9305 | 23.06.2025
Red Hat Enterprise Linux 8 | xorg-x11-server-Xwayland | Fixed | RHSA-2025:9305 | 23.06.2025
Red Hat Enterprise Linux 8 | tigervnc | Fixed | RHSA-2025:9392 | 23.06.2025
Red Hat Enterprise Linux 8.2 Advanced Update Support | tigervnc | Fixed | RHSA-2025:10378 | 07.07.2025
Additional information
CVSS3: 7.3 (High)