ALSA-2025:7163

[ALSA-2025:7163] Moderate: xorg-x11-server security update

Type:

security

Severity:

moderate

Release date:

2025-07-02

Description:

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.  

Security Fix(es):  

  * xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability (CVE-2024-9632)
  * X.Org: Xwayland: Use-after-free of the root cursor (CVE-2025-26594)
  * xorg: xwayland: Use-after-free in SyncInitTrigger() (CVE-2025-26601)
  * xorg: xwayland: Use-after-free in PlayReleasedEvents() (CVE-2025-26600)
  * xorg: xwayland: Use of uninitialized pointer in compRedirectWindow() (CVE-2025-26599)
  * xorg: xwayland: Out-of-bounds write in CreatePointerBarrierClient() (CVE-2025-26598)
  * xorg: xwayland: Buffer overflow in XkbChangeTypesOfKey() (CVE-2025-26597)
  * xorg: xwayland: Heap overflow in XkbWriteKeySyms() (CVE-2025-26596)
  * Xorg: xwayland: Buffer overflow in XkbVModMaskText() (CVE-2025-26595)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.  

Additional Changes:  

For detailed information on changes in this release, see the AlmaLinuxRelease Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	xorg-x11-server-devel-1.20.11-28.el9_6.aarch64.rpm	1331cd5172ff3510a4eb4928cb2dfa0b7f18f1a3d4549b066330627bff783f4e
aarch64	xorg-x11-server-Xvfb-1.20.11-28.el9_6.aarch64.rpm	2062cccc8ff0629ea9d44e99f9a9013455e0cf14cf9e3a36378a5d73d62d6206
aarch64	xorg-x11-server-Xephyr-1.20.11-28.el9_6.aarch64.rpm	4ee1f02ab454dfe4f694084eedbbe13e953e6efda44c6b876c3c88b27ae3ecab
aarch64	xorg-x11-server-common-1.20.11-28.el9_6.aarch64.rpm	503ede479e8895bb5a5946135e1d616499d89e3c3ae88b6bcad9a900b64713c7
aarch64	xorg-x11-server-Xdmx-1.20.11-28.el9_6.aarch64.rpm	97804d4d03dcf394d278de2ec7b61bb3d150247f407c0e7d342fa1fcb0489ad6
aarch64	xorg-x11-server-Xorg-1.20.11-28.el9_6.aarch64.rpm	d548c60c37967844d9770b72a9b8c633582b13285b77328a98e6bcb9caf489e4
aarch64	xorg-x11-server-Xnest-1.20.11-28.el9_6.aarch64.rpm	f1ea3f26c90e8f5212ff39517536e029dc05b573f8566dfe9cffd0f02731179a
i686	xorg-x11-server-devel-1.20.11-28.el9_6.i686.rpm	7a3cf9635c23b6d3afbb0e1ee1dd5e31b27c61908a32007704bc203dbb115a8b
noarch	xorg-x11-server-source-1.20.11-28.el9_6.noarch.rpm	3b5bd53a2a3f676acc5de9d501d20df93aa48d19e1ee9f9f51594d08563b468b
ppc64le	xorg-x11-server-Xorg-1.20.11-28.el9_6.ppc64le.rpm	2f4d0eaa41890d85ecebc3e231b829181e4ea39a3ff13360f322762bc636a268
ppc64le	xorg-x11-server-devel-1.20.11-28.el9_6.ppc64le.rpm	5ddc8610db23b0aa47b2ea9bc02ab623890c765a632ea202a954cf09426d111e
ppc64le	xorg-x11-server-Xvfb-1.20.11-28.el9_6.ppc64le.rpm	924da2f30e530b6df7a7f337bd7b1b8f85dffbf61f808ca62aa62b8899acdbb1
ppc64le	xorg-x11-server-Xephyr-1.20.11-28.el9_6.ppc64le.rpm	a40c1c1f39c72bc47869171ad571b8c7049ff29ae29a0baa314fddc32284d680
ppc64le	xorg-x11-server-common-1.20.11-28.el9_6.ppc64le.rpm	de8f320db8377e8eed94dd1cd3e7ce5b0c432c39922309bf2ef314291fa03316
ppc64le	xorg-x11-server-Xdmx-1.20.11-28.el9_6.ppc64le.rpm	e159ad3d7ee0689726b5ef408cf00c673acff993a1c43adc9ba74bd49fe13e9b
ppc64le	xorg-x11-server-Xnest-1.20.11-28.el9_6.ppc64le.rpm	f11c01460ab7299e3b3784d856d09d33296a0be743922a759226528142a0f81b
s390x	xorg-x11-server-Xephyr-1.20.11-28.el9_6.s390x.rpm	426c838eefb83c5c728a1edfe194464c760c1d74ae16398c1c18036cbe7a83db
s390x	xorg-x11-server-Xvfb-1.20.11-28.el9_6.s390x.rpm	6faa877baf85c2aa6a85a6f170ae0c1c0e5daa480769f4ee7a23c198ba3c108e
s390x	xorg-x11-server-Xdmx-1.20.11-28.el9_6.s390x.rpm	83472d809bd911556fd2055d3418a249f3866892dcc6bda6c0f41d5ae3e35a74
s390x	xorg-x11-server-Xnest-1.20.11-28.el9_6.s390x.rpm	8c3b763fef14a7a20b11b257e71f87599a215471937a63bdea6aff59d2f6a0bb
s390x	xorg-x11-server-Xorg-1.20.11-28.el9_6.s390x.rpm	ad98230f49115ac9cea46e1208dc21ee355cd049f6d7151e055301c9283c2e1f
s390x	xorg-x11-server-devel-1.20.11-28.el9_6.s390x.rpm	c1bc39823d4996a2dcd410fa00eb7a8cb15db1ce2a7fdc5c7f80ea7e0cc6c7bd
s390x	xorg-x11-server-common-1.20.11-28.el9_6.s390x.rpm	efeb61fe215b9bf6ac089c56b34286061fc008d2779d4d7689fed7c0ee3c299f
x86_64	xorg-x11-server-Xorg-1.20.11-28.el9_6.x86_64.rpm	0e3ce0653aaf756a956126907a4b0d47c52a238b0de494f290137d19ac45b0b3
x86_64	xorg-x11-server-Xvfb-1.20.11-28.el9_6.x86_64.rpm	13dd572aad62992003d5fc51da1c5eda7b1293c4b6953596c257c6f8270fbac6
x86_64	xorg-x11-server-Xnest-1.20.11-28.el9_6.x86_64.rpm	1ce52f3f89259b487f935454ccc2bc6b15011edefdf797ebddb6c1da93087d96
x86_64	xorg-x11-server-Xdmx-1.20.11-28.el9_6.x86_64.rpm	6c799138119451d4895065230142fa1b2ae27bc8be0d470b4d89433b03b0eb6d
x86_64	xorg-x11-server-common-1.20.11-28.el9_6.x86_64.rpm	6f5d55ca2c882bdb3ed40dbd766b2c3fdd97cde4a7de7056b49a8e859332f8d1
x86_64	xorg-x11-server-Xephyr-1.20.11-28.el9_6.x86_64.rpm	7467d0745d94eb7c389a2729c408288d4d899205667ab0645d7a146601ceb218
x86_64	xorg-x11-server-devel-1.20.11-28.el9_6.x86_64.rpm	f077f472424d057855706609cf29f776facb171ec39b70d2c4a3f87f5642dd4e

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.