CVE-2025-49177

Опубликовано: 17 июн. 2025

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 6.1

Описание

A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler does not validate the request length, allowing a client to read unintended memory from previous requests.

Релиз	Статус	Примечание
devel	not-affected	code not present
esm-infra/bionic	not-affected	code not present
esm-infra/focal	not-affected	code not present
esm-infra/xenial	not-affected	code not present
jammy	not-affected	code not present
noble	not-affected	code not present
oracular	not-affected	code not present
plucky	not-affected	code not present
upstream	not-affected

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra/xenial	not-affected	code not present
jammy	DNE
noble	DNE
oracular	DNE
plucky	DNE
upstream	not-affected

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra/bionic	not-affected	code not present
jammy	DNE
noble	DNE
oracular	DNE
plucky	DNE
upstream	not-affected

Показывать по

Релиз	Статус	Примечание
devel	pending	2:21.1.18-1ubuntu1
esm-infra-legacy/trusty	needs-triage
esm-infra/bionic	needs-triage
esm-infra/focal	needs-triage
esm-infra/xenial	needs-triage
jammy	released	2:21.1.4-2ubuntu1.7~22.04.15
noble	released	2:21.1.12-1ubuntu1.4
oracular	released	2:21.1.13-2ubuntu1.4
plucky	released	2:21.1.16-1ubuntu1.1
upstream	released	21.1.17

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra/xenial	needs-triage
jammy	DNE
noble	DNE
oracular	DNE
plucky	DNE
upstream	needs-triage

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra/bionic	needs-triage
jammy	DNE
noble	DNE
oracular	DNE
plucky	DNE
upstream	needs-triage

Показывать по

Релиз	Статус	Примечание
devel	released	2:24.1.6-1ubuntu1
jammy	released	2:22.1.1-1ubuntu0.19
noble	released	2:23.2.6-1ubuntu0.6
oracular	released	2:24.1.2-1ubuntu0.6
plucky	released	2:24.1.6-1ubuntu0.1
upstream	released	24.1.7

Показывать по

Ссылки на источники

EPSS

Процентиль: 4%

0.0002

Низкий

6.1 Medium

CVSS3

Связанные уязвимости

CVE-2025-49177

CVSS3: 6.1

redhat

около 2 месяцев назад

A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler does not validate the request length, allowing a client to read unintended memory from previous requests.

CVE-2025-49177

CVSS3: 6.1

nvd

около 2 месяцев назад

A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler does not validate the request length, allowing a client to read unintended memory from previous requests.

CVE-2025-49177

CVSS3: 6.1

debian

около 2 месяцев назад

A flaw was found in the XFIXES extension. The XFixesSetClientDisconnec ...

GHSA-pw35-9xmg-v8xw

CVSS3: 5.5

github

около 2 месяцев назад

A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler does not validate the request length, allowing a client to read unintended memory from previous requests.

SUSE-SU-2025:01981-1

suse-cvrf

около 2 месяцев назад

Security update for xorg-x11-server

EPSS

Процентиль: 4%

0.0002

Низкий

6.1 Medium

CVSS3

CVE-2025-49177

Описание

Пакет xorg

Пакет xorg-hwe-16.04

Пакет xorg-hwe-18.04

Пакет xorg-server

Пакет xorg-server-hwe-16.04

Пакет xorg-server-hwe-18.04

Пакет xwayland

Ссылки на источники

Связанные уязвимости