Bug 2402660 (CVE-2025-62231)
| Summary: | CVE-2025-62231 xorg: xwayland: Value overflow in XkbSetCompatMap() | | |
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | | |
| Version: | unspecified | CC: | security-response-team |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Whiteboard: | | | |
| Fixed In Version: | | Doc Type: | --- |
| Doc Text: | A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap() function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a crash. | | |
| Story Points: | --- | | |
| Clone Of: | | Environment: | |
| Last Closed: | | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | | Category: | --- |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | | | |
| Bug Depends On: | 2406802, 2406803, 2407295, 2407296, 2407297 | | |
| Bug Blocks: | | | |
| Deadline: | 2025-10-28 | | |

Description
OSIDB Bzimport
2025-10-09 06:46:27 UTC
This issue has been addressed in the following products:
  Red Hat Enterprise Linux 10
Via RHSA-2025:19435 https://access.redhat.com/errata/RHSA-2025:19435

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 8
Via RHSA-2025:19432 https://access.redhat.com/errata/RHSA-2025:19432

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 9
Via RHSA-2025:19433 https://access.redhat.com/errata/RHSA-2025:19433

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 8
Via RHSA-2025:19434 https://access.redhat.com/errata/RHSA-2025:19434

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 9
Via RHSA-2025:19489 https://access.redhat.com/errata/RHSA-2025:19489

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 9
Via RHSA-2025:19623 https://access.redhat.com/errata/RHSA-2025:19623

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 8
Via RHSA-2025:19909 https://access.redhat.com/errata/RHSA-2025:19909

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 9
Via RHSA-2025:20958 https://access.redhat.com/errata/RHSA-2025:20958

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 9
Via RHSA-2025:20961 https://access.redhat.com/errata/RHSA-2025:20961

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 9
Via RHSA-2025:20960 https://access.redhat.com/errata/RHSA-2025:20960

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 10
Via RHSA-2025:21035 https://access.redhat.com/errata/RHSA-2025:21035

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service
Via RHSA-2025:22041 https://access.redhat.com/errata/RHSA-2025:22041

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 7 Extended Lifecycle Support
Via RHSA-2025:22040 https://access.redhat.com/errata/RHSA-2025:22040

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
Via RHSA-2025:22056 https://access.redhat.com/errata/RHSA-2025:22056

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions
Via RHSA-2025:22055 https://access.redhat.com/errata/RHSA-2025:22055

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 9.4 Extended Update Support
Via RHSA-2025:22051 https://access.redhat.com/errata/RHSA-2025:22051

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 8.2 Advanced Update Support
Via RHSA-2025:22077 https://access.redhat.com/errata/RHSA-2025:22077

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 7 Extended Lifecycle Support
Via RHSA-2025:22096 https://access.redhat.com/errata/RHSA-2025:22096

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.8 Telecommunications Update Service
Via RHSA-2025:22164 https://access.redhat.com/errata/RHSA-2025:22164

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On
Via RHSA-2025:22167 https://access.redhat.com/errata/RHSA-2025:22167

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
Via RHSA-2025:22365 https://access.redhat.com/errata/RHSA-2025:22365

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions
Via RHSA-2025:22364 https://access.redhat.com/errata/RHSA-2025:22364

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service
Via RHSA-2025:22427 https://access.redhat.com/errata/RHSA-2025:22427

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.8 Telecommunications Update Service
Via RHSA-2025:22426 https://access.redhat.com/errata/RHSA-2025:22426

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION
Via RHSA-2025:22667 https://access.redhat.com/errata/RHSA-2025:22667

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 8.2 Advanced Update Support
Via RHSA-2025:22729 https://access.redhat.com/errata/RHSA-2025:22729

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 9.4 Extended Update Support
Via RHSA-2025:22742 https://access.redhat.com/errata/RHSA-2025:22742

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On
Via RHSA-2025:22753 https://access.redhat.com/errata/RHSA-2025:22753

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 9.4 Extended Update Support
Via RHSA-2026:0031 https://access.redhat.com/errata/RHSA-2026:0031

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
Via RHSA-2026:0034 https://access.redhat.com/errata/RHSA-2026:0034

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions
Via RHSA-2026:0036 https://access.redhat.com/errata/RHSA-2026:0036

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service
Via RHSA-2026:0035 https://access.redhat.com/errata/RHSA-2026:0035

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.8 Telecommunications Update Service
Via RHSA-2026:0033 https://access.redhat.com/errata/RHSA-2026:0033