CVE-2025-26599
7.8HIGHAn access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect() may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow() will
Veröffentlicht: 2/25/2025Aktualisiert: 11/3/2025
Beschreibung
An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect() may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow() will return a BadAlloc error without validating the window tree marked just before, which leaves the validated data partly initialized and the use of an uninitialized pointer later.
KI-AnalyseKI-gestützt
Betroffene Produkte
tigervnctigervnc
-
x.orgx_server
x.orgxwayland
redhatenterprise_linux
7.0
redhatenterprise_linux
8.0
redhatenterprise_linux
9.0
Referenzen
- https://access.redhat.com/errata/RHSA-2025:2500Third Party Advisory
- https://access.redhat.com/errata/RHSA-2025:2502Third Party Advisory
- https://access.redhat.com/errata/RHSA-2025:2861Third Party Advisory
- https://access.redhat.com/errata/RHSA-2025:2862Third Party Advisory
- https://access.redhat.com/errata/RHSA-2025:2865Third Party Advisory
- https://access.redhat.com/errata/RHSA-2025:2866Third Party Advisory
- https://access.redhat.com/errata/RHSA-2025:2873Third Party Advisory
- https://access.redhat.com/errata/RHSA-2025:2874Third Party Advisory
- https://access.redhat.com/errata/RHSA-2025:2875Third Party Advisory
- https://access.redhat.com/errata/RHSA-2025:2879Third Party Advisory
- https://access.redhat.com/errata/RHSA-2025:2880Third Party Advisory
- https://access.redhat.com/errata/RHSA-2025:7163
- https://access.redhat.com/errata/RHSA-2025:7165
- https://access.redhat.com/errata/RHSA-2025:7458
- https://access.redhat.com/security/cve/CVE-2025-26599Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2345253Issue Tracking
- https://lists.debian.org/debian-lts-announce/2025/02/msg00036.html