xorg-x11-server-Xwayland-23.2.7-5.el9_6

エラータID: AXSA:2025-11057:03

Release date: 
Monday, November 10, 2025 - 17:21
Subject: 
xorg-x11-server-Xwayland-23.2.7-5.el9_6
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

Xwayland is an X server for running X clients under Wayland.

CVE-2025-62229
A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service.
CVE-2025-62230
A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected clients disconnect.
CVE-2025-62231
A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap() function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a crash.

Solution: 

Update packages.

CVEs: 
CVE-2025-62229
A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service.
CVE-2025-62230
A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected clients disconnect.
CVE-2025-62231
A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap() function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a crash.
Additional Info: 

N/A

Download: 

SRPMS
  1. xorg-x11-server-Xwayland-23.2.7-5.el9_6.src.rpm
    MD5: 04070f3573818dc97762c94f8243017f
    SHA-256: 39deea52a0e777633089f9e69e890cf4ad1996466e9cb1ffc1467eca89f69c92
    Size: 1.28 MB

Asianux Server 9 for x86_64
  1. xorg-x11-server-Xwayland-23.2.7-5.el9_6.i686.rpm
    MD5: 09bd6a12b5526b69ef3fc90731ea7118
    SHA-256: 68e5f28cf1d7ff9c7af9153f9f711dddd43180d392888b7cf34f5d5488f7ba3c
    Size: 1.01 MB
  2. xorg-x11-server-Xwayland-23.2.7-5.el9_6.x86_64.rpm
    MD5: 94150fc5e30b6cc4fa08d401d8b26d4e
    SHA-256: ad2c81b6209ae5bceeb4404f5fdef90d6b9714f664e626122c319144a9aeb169
    Size: 0.96 MB
  3. xorg-x11-server-Xwayland-devel-23.2.7-5.el9_6.i686.rpm
    MD5: a27954725296b1971b1a4b1d1c83e532
    SHA-256: f6cedfe7b630dae907945f1b935f34cf5dfdc7f77c70b86723423af4d2dc5b05
    Size: 8.71 kB
  4. xorg-x11-server-Xwayland-devel-23.2.7-5.el9_6.x86_64.rpm
    MD5: 16b67f4195a10a784e50bab541c7602b
    SHA-256: c5865f3ed36554c6da412bafc26bc7f90aae253eea714dcece21f1357f6a98cf
    Size: 8.69 kB