7.3
CVE-2025-62229
- EPSS 0.48%
- Veröffentlicht 30.10.2025 05:28:48
- Zuletzt bearbeitet 20.04.2026 14:16:11
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Xorg: xmayland: use-after-free in xpresentnotify structure creation
A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerX.Org
≫
Produkt
Xwayland
Default Statusunaffected
Version
1.15.0
Version <
24.1.9
Status
affected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 10
Default Statusaffected
Version
0:24.1.5-5.el10_0
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 10
Default Statusaffected
Version
0:24.1.5-5.el10_1
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION
Default Statusaffected
Version
0:1.1.0-25.el6_10.15
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 7 Extended Lifecycle Support
Default Statusaffected
Version
0:1.20.4-33.el7_9
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 7 Extended Lifecycle Support
Default Statusaffected
Version
0:1.8.0-36.el7_9.3
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8
Default Statusaffected
Version
0:21.1.3-19.el8_10
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8
Default Statusaffected
Version
0:1.20.11-27.el8_10
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8
Default Statusaffected
Version
0:1.15.0-8.el8_10
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.2 Advanced Update Support
Default Statusaffected
Version
0:1.9.0-15.el8_2.15
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.2 Advanced Update Support
Default Statusaffected
Version
0:1.20.6-5.el8_2
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
Default Statusaffected
Version
0:1.11.0-8.el8_4.14
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
Default Statusaffected
Version
0:1.20.10-3.el8_4
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On
Default Statusaffected
Version
0:1.11.0-8.el8_4.14
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On
Default Statusaffected
Version
0:1.20.10-3.el8_4
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
Default Statusaffected
Version
0:1.12.0-6.el8_6.15
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
Default Statusaffected
Version
0:1.20.11-6.el8_6
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
Default Statusaffected
Version
0:21.1.3-2.el8_6.5
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.6 Telecommunications Update Service
Default Statusaffected
Version
0:1.12.0-6.el8_6.15
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.6 Telecommunications Update Service
Default Statusaffected
Version
0:1.20.11-6.el8_6
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.6 Telecommunications Update Service
Default Statusaffected
Version
0:21.1.3-2.el8_6.5
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
Default Statusaffected
Version
0:1.12.0-6.el8_6.15
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
Default Statusaffected
Version
0:1.20.11-6.el8_6
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
Default Statusaffected
Version
0:21.1.3-2.el8_6.5
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.8 Telecommunications Update Service
Default Statusaffected
Version
0:1.12.0-15.el8_8.16
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.8 Telecommunications Update Service
Default Statusaffected
Version
0:1.20.11-17.el8_8
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.8 Telecommunications Update Service
Default Statusaffected
Version
0:21.1.3-12.el8_8
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
Default Statusaffected
Version
0:1.12.0-15.el8_8.16
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
Default Statusaffected
Version
0:1.20.11-17.el8_8
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
Default Statusaffected
Version
0:21.1.3-12.el8_8
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9
Default Statusaffected
Version
0:1.20.11-32.el9_6
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9
Default Statusaffected
Version
0:1.14.1-9.el9_6
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9
Default Statusaffected
Version
0:23.2.7-5.el9_6
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9
Default Statusaffected
Version
0:1.15.0-6.el9_7
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9
Default Statusaffected
Version
0:23.2.7-5.el9_7
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9
Default Statusaffected
Version
0:1.20.11-32.el9_7
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
Default Statusaffected
Version
0:1.11.0-22.el9_0.16
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
Default Statusaffected
Version
0:1.20.11-12.el9_0
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
Default Statusaffected
Version
0:21.1.3-4.el9_0
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions
Default Statusaffected
Version
0:1.12.0-14.el9_2.13
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions
Default Statusaffected
Version
0:1.20.11-19.el9_2
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions
Default Statusaffected
Version
0:21.1.3-9.el9_2
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9.4 Extended Update Support
Default Statusaffected
Version
0:1.13.1-8.el9_4.8
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9.4 Extended Update Support
Default Statusaffected
Version
0:1.20.11-27.el9_4
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9.4 Extended Update Support
Default Statusaffected
Version
0:22.1.9-7.el9_4
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 6
Default Statusunknown
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.48% | 0.379 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secalert@redhat.com | 7.3 | 1.8 | 5.5 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
https://access.redhat.com/security/cve/CVE-2025-62229
https://bugzilla.redhat.com/show_bug.cgi?id=2402649
https://access.redhat.com/errata/RHSA-2025:19434
https://access.redhat.com/errata/RHSA-2025:19432
https://access.redhat.com/errata/RHSA-2025:19433
https://access.redhat.com/errata/RHSA-2025:19435
https://access.redhat.com/errata/RHSA-2025:19489
https://lists.debian.org/debian-lts-announce/2025/10/msg00033.html
https://access.redhat.com/errata/RHSA-2025:19623
http://www.openwall.com/lists/oss-security/2025/10/28/7
https://access.redhat.com/errata/RHSA-2025:19909
https://access.redhat.com/errata/RHSA-2025:20960
https://access.redhat.com/errata/RHSA-2025:21035
https://access.redhat.com/errata/RHSA-2025:20958
https://access.redhat.com/errata/RHSA-2025:20961
https://access.redhat.com/errata/RHSA-2025:22041
https://access.redhat.com/errata/RHSA-2025:22051
https://access.redhat.com/errata/RHSA-2025:22055
https://access.redhat.com/errata/RHSA-2025:22056
https://access.redhat.com/errata/RHSA-2025:22040
https://access.redhat.com/errata/RHSA-2025:22077
https://access.redhat.com/errata/RHSA-2025:22096
https://access.redhat.com/errata/RHSA-2025:22164
https://access.redhat.com/errata/RHSA-2025:22167
https://access.redhat.com/errata/RHSA-2025:22364
https://access.redhat.com/errata/RHSA-2025:22365
https://access.redhat.com/errata/RHSA-2025:22426
https://access.redhat.com/errata/RHSA-2025:22427
https://access.redhat.com/errata/RHSA-2025:22667
https://access.redhat.com/errata/RHSA-2025:22729
https://access.redhat.com/errata/RHSA-2025:22742
https://access.redhat.com/errata/RHSA-2025:22753
https://access.redhat.com/errata/RHSA-2026:0033
https://access.redhat.com/errata/RHSA-2026:0034
https://access.redhat.com/errata/RHSA-2026:0036
https://access.redhat.com/errata/RHSA-2026:0031
https://access.redhat.com/errata/RHSA-2026:0035
https://lists.x.org/archives/xorg-announce/2025-October/003635.html