[ALSA-2025:7165] Moderate: xorg-x11-server-Xwayland security update
Type:
security
Severity:
moderate
Release date:
2025-07-02
Description:
Xwayland is an X server for running X clients under Wayland. Security Fix(es): * xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability (CVE-2024-9632) * X.Org: Xwayland: Use-after-free of the root cursor (CVE-2025-26594) * xorg: xwayland: Use-after-free in SyncInitTrigger() (CVE-2025-26601) * xorg: xwayland: Use-after-free in PlayReleasedEvents() (CVE-2025-26600) * xorg: xwayland: Use of uninitialized pointer in compRedirectWindow() (CVE-2025-26599) * xorg: xwayland: Out-of-bounds write in CreatePointerBarrierClient() (CVE-2025-26598) * xorg: xwayland: Buffer overflow in XkbChangeTypesOfKey() (CVE-2025-26597) * xorg: xwayland: Heap overflow in XkbWriteKeySyms() (CVE-2025-26596) * Xorg: xwayland: Buffer overflow in XkbVModMaskText() (CVE-2025-26595) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinuxRelease Notes linked from the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 xorg-x11-server-Xwayland-23.2.7-3.el9_6.aarch64.rpm 57e11ee17bf053ccbe0d1ba54da379a8fce70accc0f75811ccfe6d389d709589
aarch64 xorg-x11-server-Xwayland-devel-23.2.7-3.el9_6.aarch64.rpm d59800c78259bb7c62411f737e6b36730c8acdd53675d12138749eba96e11919
i686 xorg-x11-server-Xwayland-devel-23.2.7-3.el9_6.i686.rpm 90c10c76c57c26896acc8f1f3ae13a391f48b46a5bccf1c417b71e7b100d3b40
i686 xorg-x11-server-Xwayland-23.2.7-3.el9_6.i686.rpm b146d6875ab01879300483c8b26991d2200cfc005398c25bbeddc13620cfa35e
ppc64le xorg-x11-server-Xwayland-devel-23.2.7-3.el9_6.ppc64le.rpm 08343e05db4042ba17d24a7f827e0be908f5647f94159b64690d10b884b5c010
ppc64le xorg-x11-server-Xwayland-23.2.7-3.el9_6.ppc64le.rpm dc3fcbef1f61aa7faec1bcf57958db94cd13ec4c8cceeedd3c1088c4810a2a76
s390x xorg-x11-server-Xwayland-23.2.7-3.el9_6.s390x.rpm 301a19fc57083686802d74176ec0953ad573ddf5a35a862ee1778c6550db2da9
s390x xorg-x11-server-Xwayland-devel-23.2.7-3.el9_6.s390x.rpm 513e9d30e7603bfba2557a380825f3805bd28d585be0b9330f4cb39c68fbce8d
x86_64 xorg-x11-server-Xwayland-23.2.7-3.el9_6.x86_64.rpm 12e5b24dbda30ccb9f8afc0f5cf2bb6f86f0672f1b63e8379acf50c0c4f89ed1
x86_64 xorg-x11-server-Xwayland-devel-23.2.7-3.el9_6.x86_64.rpm c8d58881a20eca09d56bb9544185b084257029d1ec3fd77767cb0c9d951c0367
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.