CLSA-2025-1765223770 xorg-x11-server: Fix of 4 CVEs

CVE-2025-9632: fix buffer overflow in XkbSetCompatMap - CVE-2025-62229: fix use-after-free condition due improper error handling during notification creation leading to DoS - CVE-2025-62230: fix use-after-free condition due freeing certain data structures without properly detaching related...

xorg: xmayland: Value overflow in XkbSetCompatMap()

A flaw was identified in the X.Org X server’s X Keyboard Xkb extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...

AlmaLinux 10 : xorg-x11-server-Xwayland (ALSA-2025:21035)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:21035 advisory. xorg: xmayland: Use-after-free in XPresentNotify structure creation CVE-2025-62229 xorg: xwayland: Use-after-free in Xkb client resource removal...

ALSA-2025:19432 Moderate: xorg-x11-server-Xwayland security update

Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg: xmayland: Use-after-free in XPresentNotify structure creation CVE-2025-62229 xorg: xwayland: Use-after-free in Xkb client resource removal CVE-2025-62230 xorg: xmayland: Value overflow in XkbSetCompatMap...

SUSE SLED15 / SLES15 Security Update : xwayland (SUSE-SU-2025:3874-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3874-1 advisory. - Fixed use-after-free in XPresentNotify structures creation CVE-2025-62229, bsc1251958 - Fixed Use-after-free...

X.Org Server XkbSetCompatMap Numeric Truncation Error Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability

A flaw was found in the X.org server. Due to improperly tracked allocation size in XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org serv...

CLSA-2025-1744223313 tigervnc: Fix of 3 CVEs

CVE-2024-31080: xorg-x11-server: fix heap-based buffer over-read vulnerability in ProcXIGetSelectedEvents by avoiding byte-swapped length values in replies - CVE-2024-9632: xorg-x11-server: fix improperly tracked allocation size in XkbSetCompatMap to prevent buffer overflow condition -...

xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability

A flaw was found in the X.org server. Due to improperly tracked allocation size in XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org serv...

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: CVE-2024-9632: Fixed heap-based buffer overflow privilege escalation in XkbSetCompatMap bsc1231565. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...