Description

A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms() differs from what is written in XkbWriteKeySyms(), which may lead to a heap-based buffer overflow.

Weaknesses 1

Affected Products 6

References 18

• access.redhat.com https://access.redhat.com/errata/RHSA-2025:2500
  Third Party Advisory
• access.redhat.com https://access.redhat.com/errata/RHSA-2025:2502
  Third Party Advisory
• access.redhat.com https://access.redhat.com/errata/RHSA-2025:2861
  Third Party Advisory
• access.redhat.com https://access.redhat.com/errata/RHSA-2025:2862
  Third Party Advisory
• access.redhat.com https://access.redhat.com/errata/RHSA-2025:2865
  Third Party Advisory
• access.redhat.com https://access.redhat.com/errata/RHSA-2025:2866
  Third Party Advisory
• access.redhat.com https://access.redhat.com/errata/RHSA-2025:2873
  Third Party Advisory
• access.redhat.com https://access.redhat.com/errata/RHSA-2025:2874
  Third Party Advisory
• access.redhat.com https://access.redhat.com/errata/RHSA-2025:2875
  Third Party Advisory
• access.redhat.com https://access.redhat.com/errata/RHSA-2025:2879
  Third Party Advisory
• access.redhat.com https://access.redhat.com/errata/RHSA-2025:2880
  Third Party Advisory
• access.redhat.com https://access.redhat.com/errata/RHSA-2025:3976
• access.redhat.com https://access.redhat.com/errata/RHSA-2025:7163
• access.redhat.com https://access.redhat.com/errata/RHSA-2025:7165
• access.redhat.com https://access.redhat.com/errata/RHSA-2025:7458
• access.redhat.com https://access.redhat.com/security/cve/CVE-2025-26596
  Third Party Advisory
• bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=2345256
  Issue Tracking
• lists.debian.org https://lists.debian.org/debian-lts-announce/2025/02/msg00036.html

Remediation