Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2025-49179

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 17 июн. 2025
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: ubuntu
ΠŸΡ€ΠΈΠΎΡ€ΠΈΡ‚Π΅Ρ‚: medium
EPSS Низкий
CVSS3: 7.3

ОписаниС

A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
devel

not-affected

code not present
esm-infra/bionic

not-affected

code not present
esm-infra/focal

not-affected

code not present
esm-infra/xenial

not-affected

code not present
jammy

not-affected

code not present
noble

not-affected

code not present
oracular

not-affected

code not present
plucky

not-affected

code not present
questing

not-affected

code not present
upstream

not-affected

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
devel

DNE

esm-infra/xenial

not-affected

code not present
jammy

DNE

noble

DNE

oracular

DNE

plucky

DNE

questing

DNE

upstream

not-affected

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
devel

DNE

esm-infra/bionic

not-affected

code not present
jammy

DNE

noble

DNE

oracular

DNE

plucky

DNE

questing

DNE

upstream

not-affected

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
devel

released

2:21.1.18-1ubuntu1
esm-infra-legacy/trusty

needs-triage

esm-infra/bionic

released

2:1.19.6-1ubuntu4.15+esm13
esm-infra/focal

released

2:1.20.13-1ubuntu1~20.04.20+esm1
esm-infra/xenial

released

2:1.18.4-0ubuntu0.12+esm18
jammy

released

2:21.1.4-2ubuntu1.7~22.04.15
noble

released

2:21.1.12-1ubuntu1.4
oracular

released

2:21.1.13-2ubuntu1.4
plucky

released

2:21.1.16-1ubuntu1.1
questing

released

2:21.1.18-1ubuntu1

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
devel

DNE

esm-infra/xenial

released

2:1.19.6-1ubuntu4.1~16.04.6+esm10
jammy

DNE

noble

DNE

oracular

DNE

plucky

DNE

questing

DNE

upstream

needs-triage

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
devel

DNE

esm-infra/bionic

released

2:1.20.8-2ubuntu2.2~18.04.11+esm5
jammy

DNE

noble

DNE

oracular

DNE

plucky

DNE

questing

DNE

upstream

needs-triage

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
devel

released

2:24.1.6-1ubuntu1
jammy

released

2:22.1.1-1ubuntu0.19
noble

released

2:23.2.6-1ubuntu0.6
oracular

released

2:24.1.2-1ubuntu0.6
plucky

released

2:24.1.6-1ubuntu0.1
questing

released

2:24.1.6-1ubuntu1
upstream

released

24.1.7

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Бсылки Π½Π° источники

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 9%
0.00033
Низкий

7.3 High

CVSS3

БвязанныС уязвимости

redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2025-49179

CVSS3: 7.3
redhat
8 мСсяцСв Π½Π°Π·Π°Π΄

A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.

nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2025-49179

CVSS3: 7.3
nvd
8 мСсяцСв Π½Π°Π·Π°Π΄

A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.

msrc Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2025-49179

CVSS3: 6.6
msrc
ΠΎΠΊΠΎΠ»ΠΎ 2 мСсяцСв Π½Π°Π·Π°Π΄

Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x record extension

debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2025-49179

CVSS3: 7.3
debian
8 мСсяцСв Π½Π°Π·Π°Π΄

A flaw was found in the X Record extension. The RecordSanityCheckRegis ...

github Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

GHSA-q547-25x8-mx66

CVSS3: 6.6
github
8 мСсяцСв Π½Π°Π·Π°Π΄

A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 9%
0.00033
Низкий

7.3 High

CVSS3

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ CVE-2025-49179