xorg-x11-server-Xwayland-21.1.3-19.el8_10
エラータID: AXSA:2025-11054:02
リリース日:
2025/11/10 Monday - 16:56
題名:
xorg-x11-server-Xwayland-21.1.3-19.el8_10
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- X.org には、メモリ領域の解放後利用の問題があるため、ローカル
の攻撃者により、任意のコードの実行、およびサービス拒否攻撃
(クラッシュの発生) を可能とする脆弱性が存在します。
(CVE-2025-62229)
- X.org の Xkb 拡張機能には、メモリ領域の解放後利用の問題が
あるため、ローカルの攻撃者により、メモリ破壊、およびサービス
拒否攻撃 (クラッシュの発生) を可能とする脆弱性が存在します。
(CVE-2025-62230)
- X.org の Xkb 拡張機能には、整数オーバーフローの問題があるため、
ローカルの攻撃者により、メモリ破壊、およびサービス拒否攻撃
(クラッシュの発生) を可能とする脆弱性が存在します。
(CVE-2025-62231)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2025-62229
A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service.
A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service.
CVE-2025-62230
A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected clients disconnect.
A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected clients disconnect.
CVE-2025-62231
A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap() function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a crash.
A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap() function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a crash.
追加情報:
N/A
ダウンロード:
SRPMS
- xorg-x11-server-Xwayland-21.1.3-19.el8_10.src.rpm
MD5: d22fb4926a4366cb8f29c27c67c45dd5
SHA-256: c160261c2b2307700bfba703480007c99ee6d8f4ec25b64e14537bd37855600d
Size: 1.27 MB
Asianux Server 8 for x86_64
- xorg-x11-server-Xwayland-21.1.3-19.el8_10.x86_64.rpm
MD5: fdca33c479157ed0253db502a8fb19c9
SHA-256: ea49593146727aeac0b940f16589c67bfbb50f5830981ad7682aaf7142b65f22
Size: 966.12 kB
English