CVE-2025-26599

Name
CVE-2025-26599
Description
An uninitialized pointer access flaw was found in X.Org and Xwayland. The function compCheckRedirect() may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow() returns a BadAlloc error without validating the window tree marked just before, which leaves the validated data partly initialized and leads to the use of an uninitialized pointer later.
NVD Severity
unknown
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

| Type | URI |
| --- | --- |
| vdb-entry | https://access.redhat.com/security/cve/CVE-2025-26599 |
| issue-tracking | https://bugzilla.redhat.com/show_bug.cgi?id=2345253 |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:2500 |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:2502 |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:2862 |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:2865 |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:2874 |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:2875 |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:2861 |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:2866 |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:2873 |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:2879 |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:2880 |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:7163 |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:7165 |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:7458 |

Match rules

| CPE URI | Source package | Min version | Max version |
| --- | --- | --- | --- |
| cpe:2.3:a:tigervnc:tigervnc:-:*:*:*:*:*:*:* | tigervnc | == None | == - |

Vulnerable and fixed packages

| Source package | Branch | Version | Maintainer | Status |
| --- | --- | --- | --- | --- |
| xorg-server | edge-community | 21.1.16-r0 | Natanael Copa <ncopa@alpinelinux.org> | fixed |
| xwayland | edge-community | 24.1.6-r0 | Simon Zeni <simon@bl4ckb0ne.ca> | fixed |
| xorg-server | 3.21-community | 21.1.16-r0 | Natanael Copa <ncopa@alpinelinux.org> | fixed |
| xwayland | 3.21-community | 24.1.6-r0 | Simon Zeni <simon@bl4ckb0ne.ca> | fixed |