Astra Linux - уязвимость в xwayland, xorg-server

A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check...

OESA-2026-2143 xorg-x11-server-xwayland security update

Xwayland is an X server for running X clients under Wayland. %package devel Summary: Development package Requires: pkgconfig %description devel The development package provides the developmental files which are necessary for developing Wayland compositors using Xwayland. %prep %autosetup -n...

OESA-2026-2142 xorg-x11-server-xwayland security update

Xwayland is an X server for running X clients under Wayland. %package devel Summary: Development package Requires: pkgconfig %description devel The development package provides the developmental files which are necessary for developing Wayland compositors using Xwayland. %prep %autosetup -n...

OESA-2026-2141 xorg-x11-server-xwayland security update

Xwayland is an X server for running X clients under Wayland. %package devel Summary: Development package Requires: pkgconfig %description devel The development package provides the developmental files which are necessary for developing Wayland compositors using Xwayland. %prep %autosetup -n...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: xorg-x11-server (UTSA-2026-006190)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006190 advisory. A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an intege...

MiracleLinux 9 : tigervnc-1.14.1-8.el9_6 (AXSA:2025-10563:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10563:07 advisory. xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors CVE-2025-49175...

TencentOS Server 4: xorg-x11-server-Xwayland (TSSA-2025:0757)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0757 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

TencentOS Server 4: xorg-x11-server (TSSA-2025:0760)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0760 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

Security Bulletin: AIX/VIOS is vulnerable to a denial of service (CVE-2025-49175, CVE-2025-49178) and an integer overflow (CVE-2025-49176, CVE-2025-49179)

Summary Vulnerabilities in Xorg X Server could cause a denial of service CVE-2025-49175, CVE-2025-49178 or an integer overflow CVE-2025-49176, CVE-2025-49179. Vulnerability Details CVEID:CVE-2025-49175 DESCRIPTION: A flaw was found in the X Rendering extension's handling of animated cursors. If a...

AIX is vulnerable to a denial of service (CVE-2025-49175 CVE-2025-49178) and an integer overflow (CVE-2025-49176 CVE-2025-49179)

IBM SECURITY ADVISORY First Issued: Mon Oct 13 08:46:48 CDT 2025 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/xorgadvisory4.asc Security Bulletin: AIX is vulnerable to a denial of service CVE-2025-49175, CVE-2025-49178 and an integer...

AIX : Multiple Vulnerabilities (IJ55665)

The version of AIX installed on the remote host is prior to APAR IJ55665. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ55665 advisory. - A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflo...

Unity Linux 20.1060a / 20.1070a Security Update: tigervnc (UTSA-2025-986135)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986135 advisory. A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an intege...

EUVD-2025-18503

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-49176

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an...

CBL Mariner 2.0 Security Update: xorg-x11-server (CVE-2025-49176)

The version of xorg-x11-server installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-49176 advisory. - A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checki...

Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in big requests extension

...

Medium: xorg-x11-server-Xwayland

Issue Overview: A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash. CVE-2025-49175 A flaw was found in the Big Requests extension. The reque...

Medium: xorg-x11-server

Issue Overview: A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash. CVE-2025-49175 A flaw was found in the Big Requests extension. The reque...

Amazon Linux 2023 : xorg-x11-server-common, xorg-x11-server-devel, xorg-x11-server-source (ALAS2023-2025-1061)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1061 advisory. A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and...

xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in Big Requests Extension

A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check...