Use-after-free vulnerability in the X11 Present extension implementation of the X.Org X server and Xwayland. The flaw occurs when processing notifications after presenting a pixmap; if an error happens, a dangling pointer remains in the error path. This leads to a use-after-free when destroying notification structures later. A remote attacker can exploit this via crafted X11 requests to trigger memory corruption or denial of service. The issue has existed since Xorg 1.15.
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2025:19435 https://access.redhat.com/errata/RHSA-2025:19435
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:19432 https://access.redhat.com/errata/RHSA-2025:19432
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:19433 https://access.redhat.com/errata/RHSA-2025:19433
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:19434 https://access.redhat.com/errata/RHSA-2025:19434
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:19489 https://access.redhat.com/errata/RHSA-2025:19489
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:19623 https://access.redhat.com/errata/RHSA-2025:19623
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:19909 https://access.redhat.com/errata/RHSA-2025:19909
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:20958 https://access.redhat.com/errata/RHSA-2025:20958
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:20961 https://access.redhat.com/errata/RHSA-2025:20961
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:20960 https://access.redhat.com/errata/RHSA-2025:20960
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2025:21035 https://access.redhat.com/errata/RHSA-2025:21035
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Via RHSA-2025:22041 https://access.redhat.com/errata/RHSA-2025:22041
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2025:22040 https://access.redhat.com/errata/RHSA-2025:22040
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:22056 https://access.redhat.com/errata/RHSA-2025:22056
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Via RHSA-2025:22055 https://access.redhat.com/errata/RHSA-2025:22055
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Extended Update Support Via RHSA-2025:22051 https://access.redhat.com/errata/RHSA-2025:22051
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Via RHSA-2025:22077 https://access.redhat.com/errata/RHSA-2025:22077
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2025:22096 https://access.redhat.com/errata/RHSA-2025:22096
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Red Hat Enterprise Linux 8.8 Telecommunications Update Service Via RHSA-2025:22164 https://access.redhat.com/errata/RHSA-2025:22164
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Via RHSA-2025:22167 https://access.redhat.com/errata/RHSA-2025:22167
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:22365 https://access.redhat.com/errata/RHSA-2025:22365
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Via RHSA-2025:22364 https://access.redhat.com/errata/RHSA-2025:22364
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Via RHSA-2025:22427 https://access.redhat.com/errata/RHSA-2025:22427
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Red Hat Enterprise Linux 8.8 Telecommunications Update Service Via RHSA-2025:22426 https://access.redhat.com/errata/RHSA-2025:22426
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Via RHSA-2025:22667 https://access.redhat.com/errata/RHSA-2025:22667
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Via RHSA-2025:22729 https://access.redhat.com/errata/RHSA-2025:22729
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Extended Update Support Via RHSA-2025:22742 https://access.redhat.com/errata/RHSA-2025:22742
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Via RHSA-2025:22753 https://access.redhat.com/errata/RHSA-2025:22753