A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
13 May 2025, 20:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
13 May 2025, 15:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
08 May 2025, 18:01
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://access.redhat.com/errata/RHSA-2025:2500 - Third Party Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2025:2502 - Third Party Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2025:2861 - Third Party Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2025:2862 - Third Party Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2025:2865 - Third Party Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2025:2866 - Third Party Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2025:2873 - Third Party Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2025:2874 - Third Party Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2025:2875 - Third Party Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2025:2879 - Third Party Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2025:2880 - Third Party Advisory | |
| CWE | CWE-787 | |
| CPE | cpe:2.3:a:x.org:x_server:-:*:*:*:*:*:*:* |
cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:* cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:* |
17 Mar 2025, 05:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
17 Mar 2025, 03:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
17 Mar 2025, 02:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
10 Mar 2025, 13:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
04 Mar 2025, 17:22
| Type | Values Removed | Values Added |
|---|---|---|
| Summary |
|
|
| References | () https://access.redhat.com/security/cve/CVE-2025-26595 - Third Party Advisory | |
| References | () https://bugzilla.redhat.com/show_bug.cgi?id=2345257 - Issue Tracking | |
| First Time |
Tigervnc tigervnc
Tigervnc X.org x Server X.org X.org xwayland Redhat Redhat enterprise Linux |
|
| CPE | cpe:2.3:a:x.org:xwayland:-:*:*:*:*:*:*:* cpe:2.3:a:x.org:x_server:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:a:tigervnc:tigervnc:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* |
25 Feb 2025, 16:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-02-25 16:15
Updated : 2025-05-13 20:15
NVD link : CVE-2025-26595
Mitre link : CVE-2025-26595
CVE.ORG link : CVE-2025-26595
JSON object : View
Products Affected
tigervnc
- tigervnc
redhat
- enterprise_linux
x.org
- xwayland
- x_server