ALSA-2025:20960

[ALSA-2025:20960] Moderate: xorg-x11-server-Xwayland security update

Type:

security

Severity:

moderate

Release date:

2025-11-19

Description:

Xwayland is an X server for running X clients under Wayland.  

Security Fix(es):  

  * xorg: xmayland: Use-after-free in XPresentNotify structure creation (CVE-2025-62229)
  * xorg: xwayland: Use-after-free in Xkb client resource removal (CVE-2025-62230)
  * xorg: xmayland: Value overflow in XkbSetCompatMap() (CVE-2025-62231)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	xorg-x11-server-Xwayland-23.2.7-5.el9_7.aarch64.rpm	36c17d99e90563505e87e1213d387d448b356c58e5c26308f2c8e93703e795bf
aarch64	xorg-x11-server-Xwayland-devel-23.2.7-5.el9_7.aarch64.rpm	dec942d174566bdedc8e0c93f8e9554c7bdcc4017938a91cc6b5d91cbab23924
i686	xorg-x11-server-Xwayland-devel-23.2.7-5.el9_7.i686.rpm	216d155c2f6c440efdb07997067b7988de44b00ccaaa04bc554039f02f80aaa9
i686	xorg-x11-server-Xwayland-23.2.7-5.el9_7.i686.rpm	afc0ccc008088e09831af4efa994c5bd180bf40c22e2e29cd4d06ce646fd30bf
ppc64le	xorg-x11-server-Xwayland-23.2.7-5.el9_7.ppc64le.rpm	5e7f27308c42294258bbf5408db1211c1e5823f000b390b76592edd778fe24e0
ppc64le	xorg-x11-server-Xwayland-devel-23.2.7-5.el9_7.ppc64le.rpm	c734a0029c13c85fe44c50a6e7ebe7366a42268133f4aa368ebdb254b3a6f4c3
s390x	xorg-x11-server-Xwayland-23.2.7-5.el9_7.s390x.rpm	534a9a9e01660868e998cd4bf71a35f28f32f881e6de946bb3904f948c782b01
s390x	xorg-x11-server-Xwayland-devel-23.2.7-5.el9_7.s390x.rpm	6a3ca00bc23b9e69ce9f69e2eb3a81d75c0b636c48f877dbe81b8b83aed4f65c
x86_64	xorg-x11-server-Xwayland-devel-23.2.7-5.el9_7.x86_64.rpm	2f833e439957202c882bf1f06d127f4881b7eef2219febd42ef6a67d078cc48f
x86_64	xorg-x11-server-Xwayland-23.2.7-5.el9_7.x86_64.rpm	765cb07995e126fa82b96c3db56edaa85679fb1a4edca1caba6dc33b02b7d58b

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.