CVE-2025-62229
Gravedad CVSS v3.1:
ALTA
Tipo:
CWE-416
Utilización después de liberación
Fecha de publicación:
30/10/2025
Última modificación:
11/11/2025
Descripción
*** Pendiente de traducción *** A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service.
Impacto
Puntuación base 3.x
7.30
Gravedad 3.x
ALTA
Referencias a soluciones, herramientas e información
- https://access.redhat.com/errata/RHSA-2025:19432
- https://access.redhat.com/errata/RHSA-2025:19433
- https://access.redhat.com/errata/RHSA-2025:19434
- https://access.redhat.com/errata/RHSA-2025:19435
- https://access.redhat.com/errata/RHSA-2025:19489
- https://access.redhat.com/errata/RHSA-2025:19623
- https://access.redhat.com/errata/RHSA-2025:19909
- https://access.redhat.com/errata/RHSA-2025:20958
- https://access.redhat.com/errata/RHSA-2025:20960
- https://access.redhat.com/errata/RHSA-2025:20961
- https://access.redhat.com/errata/RHSA-2025:21035
- https://access.redhat.com/security/cve/CVE-2025-62229
- https://bugzilla.redhat.com/show_bug.cgi?id=2402649
- http://www.openwall.com/lists/oss-security/2025/10/28/7
- https://lists.debian.org/debian-lts-announce/2025/10/msg00033.html