- Description
- A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because the key actions are of the wrong size.
- Source
- secalert@redhat.com
- NVD status
- Modified
- Products
- tigervnc, x_server, xwayland, enterprise_linux
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- Hype score
- Not currently trending
🚨 CVE-2025-26597 🔴 HIGH (7.8) 🏢 Red Hat - Red Hat Enterprise Linux 6 🏗️ None 🔗 https://t.co/vevPD4c5C9 🔗 https://t.co/aKq2kcwXnF #CyberCron #VulnAlert @RedHat https://t.co/dGWR32axeg
@cybercronai
27 Feb 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-26597 - https://t.co/Ni6wH8uSXJ and Xwayland - HIGH 🚨 🗓️ Date published 2025-02-25 16:15:38 UTC #X.OrgandXwayland #CyberSecurity #InfoSec #Vulnerability #TechNews https://t.co/UZxOp5pYqt
@vulns_space
25 Feb 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-26597 A buffer overflow flaw was found in https://t.co/NfcYnrk5RQ and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key… https://t.co/QOcio04t4K
@CVEnew
25 Feb 2025
301 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tigervnc:tigervnc:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "79A8316C-BA22-441E-92AF-415AFABCEB76"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "07E5F462-A20F-472C-85E7-804D46F01A7A",
"versionEndExcluding": "21.1.16"
},
{
"criteria": "cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1CBC57E6-F54D-4B54-9263-9753CCA3EEF7",
"versionEndExcluding": "24.1.6"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
],
"operator": "OR"
}
]
}
]