7.8

CVE-2025-26597

Xorg: xwayland: buffer overflow in xkbchangetypesofkey()

A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because the key actions are of the wrong size.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
TigervncTigervnc Version-
X.OrgX Server Version < 21.1.16
X.OrgXwayland Version < 24.1.6
RedhatEnterprise Linux Version7.0
RedhatEnterprise Linux Version8.0
RedhatEnterprise Linux Version9.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.49% 0.382
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
secalert@redhat.com 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

https://access.redhat.com/security/cve/CVE-2025-26597
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2345255
Issue Tracking
https://access.redhat.com/errata/RHSA-2025:2500
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2502
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2862
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2865
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2874
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2875
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2861
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2866
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2873
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2879
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2880
Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:7163
https://access.redhat.com/errata/RHSA-2025:7165
https://access.redhat.com/errata/RHSA-2025:7458
https://lists.debian.org/debian-lts-announce/2025/02/msg00036.html
https://access.redhat.com/errata/RHSA-2025:3976
http://www.openwall.com/lists/oss-security/2026/06/02/1