Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-49179

Опубликовано: 17 июн. 2025
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 7.3

Описание

A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.

РелизСтатусПримечание
devel

not-affected

code not present
esm-infra/bionic

not-affected

code not present
esm-infra/focal

not-affected

code not present
esm-infra/xenial

not-affected

code not present
jammy

not-affected

code not present
noble

not-affected

code not present
oracular

not-affected

code not present
plucky

not-affected

code not present
upstream

not-affected

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/xenial

not-affected

code not present
jammy

DNE

noble

DNE

oracular

DNE

plucky

DNE

upstream

not-affected

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

not-affected

code not present
jammy

DNE

noble

DNE

oracular

DNE

plucky

DNE

upstream

not-affected

Показывать по

РелизСтатусПримечание
devel

pending

2:21.1.18-1ubuntu1
esm-infra-legacy/trusty

needs-triage

esm-infra/bionic

released

2:1.19.6-1ubuntu4.15+esm13
esm-infra/focal

released

2:1.20.13-1ubuntu1~20.04.20+esm1
esm-infra/xenial

released

2:1.18.4-0ubuntu0.12+esm18
jammy

released

2:21.1.4-2ubuntu1.7~22.04.15
noble

released

2:21.1.12-1ubuntu1.4
oracular

released

2:21.1.13-2ubuntu1.4
plucky

released

2:21.1.16-1ubuntu1.1
upstream

released

21.1.17

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/xenial

released

2:1.19.6-1ubuntu4.1~16.04.6+esm10
jammy

DNE

noble

DNE

oracular

DNE

plucky

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/bionic

released

2:1.20.8-2ubuntu2.2~18.04.11+esm5
jammy

DNE

noble

DNE

oracular

DNE

plucky

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

released

2:24.1.6-1ubuntu1
jammy

released

2:22.1.1-1ubuntu0.19
noble

released

2:23.2.6-1ubuntu0.6
oracular

released

2:24.1.2-1ubuntu0.6
plucky

released

2:24.1.6-1ubuntu0.1
upstream

released

24.1.7

Показывать по

EPSS

Процентиль: 3%
0.00019
Низкий

7.3 High

CVSS3

Связанные уязвимости

CVSS3: 7.3
redhat
около 2 месяцев назад

A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.

CVSS3: 7.3
nvd
около 2 месяцев назад

A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.

CVSS3: 7.3
debian
около 2 месяцев назад

A flaw was found in the X Record extension. The RecordSanityCheckRegis ...

CVSS3: 6.6
github
около 2 месяцев назад

A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.

CVSS3: 6.6
fstec
4 месяца назад

Уязвимость функции RecordSanityCheckRegisterClients() сервера X Window System Xorg-server, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 3%
0.00019
Низкий

7.3 High

CVSS3