Important: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in Big Requests Extension

A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check...

xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in Big Requests Extension

A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check...

EulerOS 2.0 SP13 : libxkbfile (EulerOS-SA-2025-1693)

According to the versions of the libxkbfile package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText allocates a fixed- sized buffer on the stack and copies the...

EulerOS 2.0 SP13 : xorg-x11-server (EulerOS-SA-2025-1697)

According to the versions of the xorg-x11-server package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect may fail if it cannot allocate...

EulerOS 2.0 SP13 : libxkbfile (EulerOS-SA-2025-1708)

According to the versions of the libxkbfile package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText allocates a fixed- sized buffer on the stack and copies the...

EulerOS 2.0 SP11 : libxkbfile (EulerOS-SA-2025-1667)

According to the versions of the libxkbfile package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText allocates a fixed- sized buffer on the stack and copies the...

ROS-20250505-02

A vulnerability in the Wayland protocol implementation of X.Org XWayland, an implementation of the X Window System X.Org Server Server is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise it...

The vulnerability in the Wayland protocol for X.Org XWayland, which is related to the X.Org Server, a server for the X Window System, arises from buffer overflows in the stack. This allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Wayland protocol for X.Org XWayland, which is implemented by the X.Org Server, is related to buffer overflows in the stack. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause service failures...

The vulnerability in the implementation of the Wayland protocol for X.Org XWayland, which is related to writing beyond the buffer boundaries, allows an attacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Wayland protocol for X.Org XWayland, which is implemented by the X.Org Server, is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause service failures...

CVE-2025-26594

A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free...

CVE-2025-26599 Xorg: xwayland: use of uninitialized pointer in compredirectwindow()

An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow will return a BadAlloc error without validating the window tree marked just before, which leaves the...

CVE-2025-26594 X.org: xwayland: use-after-free of the root cursor

A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free...

ROS-20241008-05

A vulnerability in the ProcXkbGetKbdByName function of the xkb/xkb.c component of the Wayland protocol implementation for X.Org XWayland, an implementation of the X Window System X.Org Server is related to incorrect memory freeing before deleting the last link. Exploitation of the vulnerability...

Advisory ROSA-SA-2024-2352

Software: tigervnc 1.8.0 OS: rosa-server79 packageevrstring: tigervnc-1.8.0-31.res7 CVE-ID: CVE-2023-6816 BDU-ID: 2024-00405 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the DeviceFocusEvent and XIQueryPointer functions of the X Window System X.Org Server implementation is related to an operation...

The vulnerability in the implementation of the Wayland protocol for X.Org XWayland, which is related to the execution of operations beyond the buffer boundaries in memory, allows a attacker to trigger a service failure or execute arbitrary code.

The vulnerability of the Wayland protocol for X.Org XWayland, which is part of the X.Org Server for the X Window System, relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure or execute arbitra...

The vulnerability of the XvdiSelectVideoNotify function in the X Window System X.Org Server, and the Wayland protocol for X.Org XWayland, allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the XvdiSelectVideoNotify function in the X Window System X.Org Server, and the Wayland protocol for X.Org, is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to access confidential data, compromise its integrity, and cau...