CVE-2025-62229
HIGH EPSS 37.9%
7.3 CVSS 3.1
Published Oct 30, 2025 8mo ago
Last Modified Jun 17, 2026 2w ago
Description
A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality Low
Integrity High
Availability High
Threat Intelligence
EPSS Exploit Probability
37.9% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-416 Use After Free Memory Safety
References 38
- openwall.com http://www.openwall.com/lists/oss-security/2025/10/28/7
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:19432
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:19433
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:19434
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:19435
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:19489
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:19623
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:19909
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:20958
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:20960
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:20961
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:21035
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22040
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22041
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22051
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22055
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22056
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22077
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22096
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22164
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22167
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22364
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22365
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22426
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22427
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22667
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22729
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22742
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22753
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:0031
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:0033
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:0034
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:0035
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:0036
- access.redhat.com https://access.redhat.com/security/cve/CVE-2025-62229
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=2402649
- lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00033.html
- lists.x.org https://lists.x.org/archives/xorg-announce/2025-October/003635.html
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.