7.3
CVE-2025-62230
- EPSS 0.27%
- Veröffentlicht 30.10.2025 05:19:40
- Zuletzt bearbeitet 01.07.2026 15:13:56
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Xorg: xwayland: use-after-free in xkb client resource removal
A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected clients disconnect.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Debian ≫ Debian Linux Version11.0
Redhat ≫ Enterprise Linux Version8.0
Redhat ≫ Enterprise Linux Version9.0
Redhat ≫ Enterprise Linux Version10.0
Redhat ≫ Enterprise Linux Aus Version8.2
Redhat ≫ Enterprise Linux Aus Version8.4
Redhat ≫ Enterprise Linux Aus Version8.6
Redhat ≫ Enterprise Linux Els Version6.0
Redhat ≫ Enterprise Linux Els Version7.0
Redhat ≫ Enterprise Linux Eus Version8.4
Redhat ≫ Enterprise Linux Eus Version9.4
Redhat ≫ Enterprise Linux Tus Version8.6
Redhat ≫ Enterprise Linux Tus Version8.8
Redhat ≫ Enterprise Linux Update Services For Sap Solutions Version8.6
Redhat ≫ Enterprise Linux Update Services For Sap Solutions Version8.8
Redhat ≫ Enterprise Linux Update Services For Sap Solutions Version9.0
Redhat ≫ Enterprise Linux Update Services For Sap Solutions Version9.2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.27% | 0.183 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secalert@redhat.com | 7.3 | 1.8 | 5.5 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
https://access.redhat.com/security/cve/CVE-2025-62230
https://bugzilla.redhat.com/show_bug.cgi?id=2402653
https://access.redhat.com/errata/RHSA-2025:19434
https://access.redhat.com/errata/RHSA-2025:19432
https://access.redhat.com/errata/RHSA-2025:19433
https://access.redhat.com/errata/RHSA-2025:19435
https://access.redhat.com/errata/RHSA-2025:19489
https://lists.debian.org/debian-lts-announce/2025/10/msg00033.html
https://access.redhat.com/errata/RHSA-2025:19623
http://www.openwall.com/lists/oss-security/2025/10/28/7
https://access.redhat.com/errata/RHSA-2025:19909
https://access.redhat.com/errata/RHSA-2025:20960
https://access.redhat.com/errata/RHSA-2025:21035
https://access.redhat.com/errata/RHSA-2025:20958
https://access.redhat.com/errata/RHSA-2025:20961
https://access.redhat.com/errata/RHSA-2025:22041
https://access.redhat.com/errata/RHSA-2025:22051
https://access.redhat.com/errata/RHSA-2025:22055
https://access.redhat.com/errata/RHSA-2025:22056
https://access.redhat.com/errata/RHSA-2025:22040
https://access.redhat.com/errata/RHSA-2025:22077
https://access.redhat.com/errata/RHSA-2025:22096
https://access.redhat.com/errata/RHSA-2025:22164
https://access.redhat.com/errata/RHSA-2025:22167
https://access.redhat.com/errata/RHSA-2025:22364
https://access.redhat.com/errata/RHSA-2025:22365
https://access.redhat.com/errata/RHSA-2025:22426
https://access.redhat.com/errata/RHSA-2025:22427
https://access.redhat.com/errata/RHSA-2025:22667
https://access.redhat.com/errata/RHSA-2025:22729
https://access.redhat.com/errata/RHSA-2025:22742
https://access.redhat.com/errata/RHSA-2025:22753
https://access.redhat.com/errata/RHSA-2026:0033
https://access.redhat.com/errata/RHSA-2026:0034
https://access.redhat.com/errata/RHSA-2026:0036
https://access.redhat.com/errata/RHSA-2026:0031
https://access.redhat.com/errata/RHSA-2026:0035
https://lists.x.org/archives/xorg-announce/2025-October/003635.html