xorg-x11-server-Xwayland-23.2.7-5.el9_6
エラータID: AXSA:2025-11057:03
リリース日:
2025/11/10 Monday - 17:21
題名:
xorg-x11-server-Xwayland-23.2.7-5.el9_6
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- X.org には、メモリ領域の解放後利用の問題があるため、ローカル
の攻撃者により、任意のコードの実行、およびサービス拒否攻撃
(クラッシュの発生) を可能とする脆弱性が存在します。
(CVE-2025-62229)
- X.org の Xkb 拡張機能には、メモリ領域の解放後利用の問題が
あるため、ローカルの攻撃者により、メモリ破壊、およびサービス
拒否攻撃 (クラッシュの発生) を可能とする脆弱性が存在します。
(CVE-2025-62230)
- X.org の Xkb 拡張機能には、整数オーバーフローの問題があるため、
ローカルの攻撃者により、メモリ破壊、およびサービス拒否攻撃
(クラッシュの発生) を可能とする脆弱性が存在します。
(CVE-2025-62231)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2025-62229
A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service.
A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service.
CVE-2025-62230
A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected clients disconnect.
A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected clients disconnect.
CVE-2025-62231
A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap() function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a crash.
A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap() function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a crash.
追加情報:
N/A
ダウンロード:
SRPMS
- xorg-x11-server-Xwayland-23.2.7-5.el9_6.src.rpm
MD5: 04070f3573818dc97762c94f8243017f
SHA-256: 39deea52a0e777633089f9e69e890cf4ad1996466e9cb1ffc1467eca89f69c92
Size: 1.28 MB
Asianux Server 9 for x86_64
- xorg-x11-server-Xwayland-23.2.7-5.el9_6.i686.rpm
MD5: 09bd6a12b5526b69ef3fc90731ea7118
SHA-256: 68e5f28cf1d7ff9c7af9153f9f711dddd43180d392888b7cf34f5d5488f7ba3c
Size: 1.01 MB - xorg-x11-server-Xwayland-23.2.7-5.el9_6.x86_64.rpm
MD5: 94150fc5e30b6cc4fa08d401d8b26d4e
SHA-256: ad2c81b6209ae5bceeb4404f5fdef90d6b9714f664e626122c319144a9aeb169
Size: 0.96 MB - xorg-x11-server-Xwayland-devel-23.2.7-5.el9_6.i686.rpm
MD5: a27954725296b1971b1a4b1d1c83e532
SHA-256: f6cedfe7b630dae907945f1b935f34cf5dfdc7f77c70b86723423af4d2dc5b05
Size: 8.71 kB - xorg-x11-server-Xwayland-devel-23.2.7-5.el9_6.x86_64.rpm
MD5: 16b67f4195a10a784e50bab541c7602b
SHA-256: c5865f3ed36554c6da412bafc26bc7f90aae253eea714dcece21f1357f6a98cf
Size: 8.69 kB
English