SUSE SLED15: xorg-x11-server / xorg-x11-server-Xvfb / xorg-x11-server-extra / etc (SUSE-SU-2025:3865-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3865-1 advisory. - Fixed use-after-free in XPresentNotify structures creation CVE-2025-62229, bsc1251958 - Fixed use-after-free...

SUSE SLED15: xorg-x11-server / xorg-x11-server-Xvfb / xorg-x11-server-extra / etc (SUSE-SU-2025:3872-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3872-1 advisory. - Fixed use-after-free in XPresentNotify structures creation CVE-2025-62229, bsc1251958 - Fixed...

SUSE SLED15: xorg-x11-server / xorg-x11-server-extra / xorg-x11-server-sdk / etc (SUSE-SU-2025:3864-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3864-1 advisory. - Fixed use-after-free in XPresentNotify structures creation CVE-2025-62229, bsc1251958 - Fixed use-after-free...

EUVD-2025-37089

Malicious code in epic-ue-map npm...

Malicious code in epic-ue-map (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68b62e65cbc85d852bc2e31738a2297459105238bc83f37cdb6f47fa476a8d6c The package epic-ue-map was found to contain malicious code...

MAL-2025-49204 Malicious code in epic-ue-map (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68b62e65cbc85d852bc2e31738a2297459105238bc83f37cdb6f47fa476a8d6c The package epic-ue-map was found to contain malicious code...

Security update for xwayland

This update for xwayland fixes the following issues: Fixed use-after-free in XPresentNotify structures creation CVE-2025-62229, bsc1251958 Fixed Use-after-free in Xkb client resource removal CVE-2025-62230, bsc1251959 Fixed Value overflow in Xkb extension XkbSetCompatMap CVE-2025-62231, bsc125196...

SUSE-SU-2025:3874-1 Security update for xwayland

This update for xwayland fixes the following issues: - Fixed use-after-free in XPresentNotify structures creation CVE-2025-62229, bsc1251958 - Fixed Use-after-free in Xkb client resource removal CVE-2025-62230, bsc1251959 - Fixed Value overflow in Xkb extension XkbSetCompatMap CVE-2025-62231,...

SUSE-SU-2025:3872-1 Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: - Fixed use-after-free in XPresentNotify structures creation CVE-2025-62229, bsc1251958 - Fixed use-after-free in Xkb client resource removal CVE-2025-62230, bsc1251959 - Fixed value overflow in Xkb extension XkbSetCompatMap...

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: Fixed use-after-free in XPresentNotify structures creation CVE-2025-62229, bsc1251958 Fixed use-after-free in Xkb client resource removal CVE-2025-62230, bsc1251959 Fixed value overflow in Xkb extension XkbSetCompatMap CVE-2025-62231,...

SUSE-SU-2025:3865-1 Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: - Fixed use-after-free in XPresentNotify structures creation CVE-2025-62229, bsc1251958 - Fixed use-after-free in Xkb client resource removal CVE-2025-62230, bsc1251959 - Fixed value overflow in Xkb extension XkbSetCompatMap...

Security update for xwayland

This update for xwayland fixes the following issues: Fixed use-after-free in XPresentNotify structures creation CVE-2025-62229, bsc1251958 Fixed use-after-free in Xkb client resource removal CVE-2025-62230, bsc1251959 Fixed value overflow in Xkb extension XkbSetCompatMap CVE-2025-62231, bsc125196...

SUSE-SU-2025:3863-1 Security update for xwayland

This update for xwayland fixes the following issues: - Fixed use-after-free in XPresentNotify structures creation CVE-2025-62229, bsc1251958 - Fixed use-after-free in Xkb client resource removal CVE-2025-62230, bsc1251959 - Fixed value overflow in Xkb extension XkbSetCompatMap CVE-2025-62231,...

CVE-2025-62231 Xorg: xmayland: value overflow in xkbsetcompatmap()

A flaw was identified in the X.Org X server’s X Keyboard Xkb extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...

CVE-2025-62231

A flaw was identified in the X.Org X server’s X Keyboard Xkb extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...

PT-2025-51592

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where enabling Huge Virtual Objects HVO on the s390 architecture can lead to reproducible crashes. This occurs because kernel page tables are modified...

Xorg -- multiple vulnerabilities

https://access.redhat.com/errata/RHSA-2025:19432 reports: CVE-2025-62229: A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free...

CVE-2025-58183

tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a...

CVE-2025-58183 Unbounded allocation when parsing GNU sparse map in archive/tar

tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a...

CVE-2025-58183

CVE-2025-58183 affects tar.Reader parsing of GNU sparse maps in tar pax 1.0. The root cause is an absence of a maximum size on the number of sparse region blocks, enabling unbounded memory growth when reading the archive, and potentially large allocations when source data is compressed. Public ad...