6.1

CVE-2025-49175

Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: out-of-bounds read in x rendering extension animated cursors

A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash.
Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).
| Vendor | Product | Default status | Version | Version < | Status |
|---|---|---|---|---|---|
| X.Org | xwayland | unaffected | 0 | 24.1.8 | affected |
| Red Hat | Red Hat Enterprise Linux 10 | affected | 0:24.1.5-4.el10_0 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION | affected | 0:1.1.0-25.el6_10.1 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 7.7 Advanced Update Support | affected | 0:1.8.0-17.el7_7.1 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 7 Extended Lifecycle Support | affected | 0:1.20.4-32.el7_9 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 7 Extended Lifecycle Support | affected | 0:1.8.0-36.el7_9.2 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8 | affected | 0:1.20.11-26.el8_10 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8 | affected | 0:21.1.3-18.el8_10 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8 | affected | 0:1.15.0-7.el8_10 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.2 Advanced Update Support | affected | 0:1.9.0-15.el8_2.14 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.2 Advanced Update Support | affected | 0:1.20.6-4.el8_2 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | affected | 0:1.20.10-2.el8_4 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | affected | 0:1.11.0-8.el8_4.13 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On | affected | 0:1.20.10-2.el8_4 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On | affected | 0:1.11.0-8.el8_4.13 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | affected | 0:1.12.0-6.el8_6.14 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | affected | 0:21.1.3-2.el8_6.4 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | affected | 0:1.20.11-5.el8_6.3 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On | affected | 0:1.12.0-6.el8_6.14 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On | affected | 0:21.1.3-2.el8_6.4 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Telecommunications Update Service | affected | 0:1.12.0-6.el8_6.14 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Telecommunications Update Service | affected | 0:21.1.3-2.el8_6.4 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Telecommunications Update Service | affected | 0:1.20.11-5.el8_6.3 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | affected | 0:1.12.0-6.el8_6.14 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | affected | 0:21.1.3-2.el8_6.4 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | affected | 0:1.20.11-5.el8_6.3 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On | affected | 0:1.20.11-16.el8_8 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On | affected | 0:21.1.3-11.el8_8 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.8 Telecommunications Update Service | affected | 0:1.20.11-16.el8_8 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.8 Telecommunications Update Service | affected | 0:1.12.0-15.el8_8.14 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.8 Telecommunications Update Service | affected | 0:21.1.3-11.el8_8 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions | affected | 0:1.20.11-16.el8_8 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions | affected | 0:1.12.0-15.el8_8.14 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions | affected | 0:21.1.3-11.el8_8 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9 | affected | 0:1.20.11-31.el9_6 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9 | affected | 0:23.2.7-4.el9_6 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9 | affected | 0:1.14.1-8.el9_6 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | affected | 0:21.1.3-3.el9_0 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | affected | 0:1.20.11-11.el9_0 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | affected | 0:1.11.0-22.el9_0.15 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions | affected | 0:21.1.3-8.el9_2 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions | affected | 0:1.20.11-18.el9_2 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions | affected | 0:1.12.0-14.el9_2.12 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9.4 Extended Update Support | affected | 0:22.1.9-6.el9_4 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9.4 Extended Update Support | affected | 0:1.20.11-26.el9_4 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9.4 Extended Update Support | affected | 0:1.13.1-8.el9_4.7 | * | unaffected |
| Red Hat | Red Hat Enterprise Linux 6 | affected | | | |
No warning was found for this CVE.
EPSS metrics

| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.21% | 0.435 |
CVSS metrics

| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secalert@redhat.com | 6.1 | 1.8 | 4.2 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H |
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.