CVE-2025-26596

A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms() differs from what is written in XkbWriteKeySyms(), which may lead to a heap-based buffer overflow.

Configurations

Configuration 1

cpe:2.3:a:tigervnc:tigervnc:-:*:*:*:*:*:*:*

Configuration 2

OR cpe:2.3:a:x.org:x_server:-:*:*:*:*:*:*:*
cpe:2.3:a:x.org:xwayland:-:*:*:*:*:*:*:*

Configuration 3

OR cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

History

10 Apr 2025, 20:19

Type Values Removed Values Added
References () https://access.redhat.com/errata/RHSA-2025:2500 - () https://access.redhat.com/errata/RHSA-2025:2500 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:2502 - () https://access.redhat.com/errata/RHSA-2025:2502 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:2861 - () https://access.redhat.com/errata/RHSA-2025:2861 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:2862 - () https://access.redhat.com/errata/RHSA-2025:2862 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:2865 - () https://access.redhat.com/errata/RHSA-2025:2865 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:2866 - () https://access.redhat.com/errata/RHSA-2025:2866 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:2873 - () https://access.redhat.com/errata/RHSA-2025:2873 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:2874 - () https://access.redhat.com/errata/RHSA-2025:2874 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:2875 - () https://access.redhat.com/errata/RHSA-2025:2875 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:2879 - () https://access.redhat.com/errata/RHSA-2025:2879 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2025:2880 - () https://access.redhat.com/errata/RHSA-2025:2880 - Third Party Advisory

21 Mar 2025, 16:15

Type Values Removed Values Added
CWE CWE-122

17 Mar 2025, 05:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2025:2861 -
  • () https://access.redhat.com/errata/RHSA-2025:2866 -
  • () https://access.redhat.com/errata/RHSA-2025:2873 -
  • () https://access.redhat.com/errata/RHSA-2025:2879 -
  • () https://access.redhat.com/errata/RHSA-2025:2880 -

17 Mar 2025, 03:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2025:2865 -
  • () https://access.redhat.com/errata/RHSA-2025:2874 -
  • () https://access.redhat.com/errata/RHSA-2025:2875 -

17 Mar 2025, 02:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2025:2862 -

10 Mar 2025, 13:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2025:2500 -
  • () https://access.redhat.com/errata/RHSA-2025:2502 -

04 Mar 2025, 17:22

Type Values Removed Values Added
References () https://access.redhat.com/security/cve/CVE-2025-26596 - () https://access.redhat.com/security/cve/CVE-2025-26596 - Third Party Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=2345256 - () https://bugzilla.redhat.com/show_bug.cgi?id=2345256 - Issue Tracking
Summary
  • (es) A buffer overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms() differs from what is written in XkbWriteKeySyms(), which may lead to a buffer overflow.
First Time Redhat enterprise Linux
Tigervnc tigervnc
Tigervnc
X.org
Redhat
X.org x Server
X.org xwayland
CPE cpe:2.3:a:x.org:x_server:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:a:tigervnc:tigervnc:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:a:x.org:xwayland:-:*:*:*:*:*:*:*
CWE CWE-787

25 Feb 2025, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-02-25 16:15

Updated : 2025-04-10 20:19


NVD link : CVE-2025-26596

Mitre link : CVE-2025-26596

CVE.ORG link : CVE-2025-26596


Products Affected

x.org

  • xwayland
  • x_server

tigervnc

  • tigervnc

redhat

  • enterprise_linux

CWE
CWE-787

Out-of-bounds Write