CVE-2025-62230
HIGH EPSS 17.2%
7.3 CVSS 3.1
Published Oct 30, 2025 8mo ago
Last Modified Jun 17, 2026 1w ago
Description
A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected clients disconnect.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity Low
Availability High
Threat Intelligence
EPSS Exploit Probability
17.2% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-416 Use After Free Memory Safety
References 38
- openwall.com http://www.openwall.com/lists/oss-security/2025/10/28/7
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:19432
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:19433
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:19434
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:19435
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:19489
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:19623
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:19909
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:20958
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:20960
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:20961
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:21035
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22040
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22041
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22051
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22055
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22056
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22077
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22096
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22164
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22167
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22364
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22365
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22426
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22427
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22667
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22729
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22742
- access.redhat.com https://access.redhat.com/errata/RHSA-2025:22753
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:0031
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:0033
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:0034
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:0035
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:0036
- access.redhat.com https://access.redhat.com/security/cve/CVE-2025-62230
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=2402653
- lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00033.html
- lists.x.org https://lists.x.org/archives/xorg-announce/2025-October/003635.html
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.