Description
A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.
Statement
This vulnerability is rated Important severity. The flaw is in the RecordSanityCheckRegisterClients function of the X Record extension in the X.Org X server, which fails to check for integer overflow when calculating the length of client registration requests. As a result, the server may read or write beyond the intended memory bounds. The primary impact is denial of service through a crash of the process, with the possibility of leaking memory contents or corrupting data.
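A simplified model of this class of bug, added here as an example; it is not X.Org code. The header size, entry width, equality-style length check and function names are assumptions chosen to show how a wrapped 32-bit length computation passes a check that bounded arithmetic rejects.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed layout (hypothetical): fixed header followed by n_specs 32-bit entries. */
#define HDR_BYTES  20u
#define SPEC_BYTES 4u

/* Unchecked: the multiplication wraps modulo 2^32 for a large n_specs,
 * so the computed length can match a small, real request length. */
bool length_ok_unchecked(uint32_t req_bytes, uint32_t n_specs)
{
    uint32_t need = HDR_BYTES + n_specs * SPEC_BYTES; /* may wrap */
    return need == req_bytes;
}

/* Checked: bound n_specs by the space the request really has
 * before doing any multiplication, so nothing can wrap. */
bool length_ok_checked(uint32_t req_bytes, uint32_t n_specs)
{
    if (req_bytes < HDR_BYTES)
        return false;
    uint32_t room = req_bytes - HDR_BYTES;
    if (n_specs > room / SPEC_BYTES)
        return false;                     /* count exceeds the bytes received */
    return n_specs * SPEC_BYTES == room;  /* safe: n_specs <= room / 4 */
}

int main(void)
{
    /* Constructed sample values: 28-byte request, honest and inflated counts. */
    uint32_t req = 28, honest = 2, inflated = 0x40000002u;
    printf("honest:   unchecked=%d checked=%d\n",
           length_ok_unchecked(req, honest), length_ok_checked(req, honest));
    printf("inflated: unchecked=%d checked=%d\n",
           length_ok_unchecked(req, inflated), length_ok_checked(req, inflated));
    return 0;
}
```

The inflated count is accepted by the unchecked version because `0x40000002 * 4` wraps to 8, and any later loop that trusts the count would walk far past the 28 bytes actually received.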
Mitigation
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
Affected packages
Platform | Package | State | Advisory | Release date |
---|---|---|---|---|
Red Hat Enterprise Linux 6 | xorg-x11-server | Will not fix | | |
Red Hat Enterprise Linux 10 | xorg-x11-server-Xwayland | Fixed | RHSA-2025:9304 | 23.06.2025 |
Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION | tigervnc | Fixed | RHSA-2025:10377 | 07.07.2025 |
Red Hat Enterprise Linux 7.7 Advanced Update Support | tigervnc | Fixed | RHSA-2025:10376 | 07.07.2025 |
Red Hat Enterprise Linux 7 Extended Lifecycle Support | xorg-x11-server | Fixed | RHSA-2025:10360 | 07.07.2025 |
Red Hat Enterprise Linux 7 Extended Lifecycle Support | tigervnc | Fixed | RHSA-2025:10375 | 07.07.2025 |
Red Hat Enterprise Linux 8 | xorg-x11-server | Fixed | RHSA-2025:9305 | 23.06.2025 |
Red Hat Enterprise Linux 8 | xorg-x11-server-Xwayland | Fixed | RHSA-2025:9305 | 23.06.2025 |
Red Hat Enterprise Linux 8 | tigervnc | Fixed | RHSA-2025:9392 | 23.06.2025 |
Red Hat Enterprise Linux 8.2 Advanced Update Support | tigervnc | Fixed | RHSA-2025:10378 | 07.07.2025 |
Additional information
CVSS3: 7.3 High
Related vulnerabilities
A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.
A flaw was found in the X Record extension. The RecordSanityCheckRegis ...
Vulnerability in the RecordSanityCheckRegisterClients() function of the X Window System Xorg-server that allows an attacker to cause a denial of service