Vulnerability Details :

CVE-2025-62229

Summary
Assigner: redhat
Assigner Org ID: 53f830b8-0a3f-465b-8143-3b8a9948e749
Published At: 30 Oct, 2025 | 05:28
Updated At: 26 Feb, 2026 | 16:56

Xorg: xwayland: use-after-free in xpresentnotify structure creation

A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service.

Common Vulnerabilities and Exposures (CVE)
cve.org
CVE Numbering Authority (CNA)
Affected Products
Vendor
X.Org Foundation (X.Org)
Product
Xwayland
Collection URL
https://gitlab.freedesktop.org/xorg/xserver
Package Name
xwayland
Default Status
unaffected
Versions
Affected
  • From 1.15.0 before 24.1.9 (semver)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server-Xwayland
CPEs
  • cpe:/o:redhat:enterprise_linux:10.0
Default Status
affected
Versions
Unaffected
  • From 0:24.1.5-5.el10_0 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server-Xwayland
CPEs
  • cpe:/o:redhat:enterprise_linux:10.1
Default Status
affected
Versions
Unaffected
  • From 0:24.1.5-5.el10_1 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
tigervnc
CPEs
  • cpe:/o:redhat:rhel_els:6
Default Status
affected
Versions
Unaffected
  • From 0:1.1.0-25.el6_10.15 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 7 Extended Lifecycle Support
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server
CPEs
  • cpe:/o:redhat:rhel_els:7
Default Status
affected
Versions
Unaffected
  • From 0:1.20.4-33.el7_9 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 7 Extended Lifecycle Support
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
tigervnc
CPEs
  • cpe:/o:redhat:rhel_els:7
Default Status
affected
Versions
Unaffected
  • From 0:1.8.0-36.el7_9.3 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server-Xwayland
CPEs
  • cpe:/a:redhat:enterprise_linux:8::appstream
Default Status
affected
Versions
Unaffected
  • From 0:21.1.3-19.el8_10 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server
CPEs
  • cpe:/a:redhat:enterprise_linux:8::crb
  • cpe:/a:redhat:enterprise_linux:8::appstream
Default Status
affected
Versions
Unaffected
  • From 0:1.20.11-27.el8_10 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
tigervnc
CPEs
  • cpe:/a:redhat:enterprise_linux:8::appstream
Default Status
affected
Versions
Unaffected
  • From 0:1.15.0-8.el8_10 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 8.2 Advanced Update Support
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
tigervnc
CPEs
  • cpe:/a:redhat:rhel_aus:8.2::appstream
Default Status
affected
Versions
Unaffected
  • From 0:1.9.0-15.el8_2.15 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 8.2 Advanced Update Support
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server
CPEs
  • cpe:/a:redhat:rhel_aus:8.2::appstream
Default Status
affected
Versions
Unaffected
  • From 0:1.20.6-5.el8_2 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
tigervnc
CPEs
  • cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
  • cpe:/a:redhat:rhel_aus:8.4::appstream
Default Status
affected
Versions
Unaffected
  • From 0:1.11.0-8.el8_4.14 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server
CPEs
  • cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
  • cpe:/a:redhat:rhel_aus:8.4::appstream
Default Status
affected
Versions
Unaffected
  • From 0:1.20.10-3.el8_4 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
tigervnc
CPEs
  • cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
  • cpe:/a:redhat:rhel_aus:8.4::appstream
Default Status
affected
Versions
Unaffected
  • From 0:1.11.0-8.el8_4.14 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server
CPEs
  • cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
  • cpe:/a:redhat:rhel_aus:8.4::appstream
Default Status
affected
Versions
Unaffected
  • From 0:1.20.10-3.el8_4 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
tigervnc
CPEs
  • cpe:/a:redhat:rhel_tus:8.6::appstream
  • cpe:/a:redhat:rhel_aus:8.6::appstream
  • cpe:/a:redhat:rhel_e4s:8.6::appstream
Default Status
affected
Versions
Unaffected
  • From 0:1.12.0-6.el8_6.15 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server
CPEs
  • cpe:/a:redhat:rhel_tus:8.6::appstream
  • cpe:/a:redhat:rhel_aus:8.6::appstream
  • cpe:/a:redhat:rhel_e4s:8.6::appstream
Default Status
affected
Versions
Unaffected
  • From 0:1.20.11-6.el8_6 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server-Xwayland
CPEs
  • cpe:/a:redhat:rhel_tus:8.6::appstream
  • cpe:/a:redhat:rhel_aus:8.6::appstream
  • cpe:/a:redhat:rhel_e4s:8.6::appstream
Default Status
affected
Versions
Unaffected
  • From 0:21.1.3-2.el8_6.5 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 8.6 Telecommunications Update Service
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
tigervnc
CPEs
  • cpe:/a:redhat:rhel_tus:8.6::appstream
  • cpe:/a:redhat:rhel_aus:8.6::appstream
  • cpe:/a:redhat:rhel_e4s:8.6::appstream
Default Status
affected
Versions
Unaffected
  • From 0:1.12.0-6.el8_6.15 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 8.6 Telecommunications Update Service
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server
CPEs
  • cpe:/a:redhat:rhel_tus:8.6::appstream
  • cpe:/a:redhat:rhel_aus:8.6::appstream
  • cpe:/a:redhat:rhel_e4s:8.6::appstream
Default Status
affected
Versions
Unaffected
  • From 0:1.20.11-6.el8_6 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 8.6 Telecommunications Update Service
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server-Xwayland
CPEs
  • cpe:/a:redhat:rhel_tus:8.6::appstream
  • cpe:/a:redhat:rhel_aus:8.6::appstream
  • cpe:/a:redhat:rhel_e4s:8.6::appstream
Default Status
affected
Versions
Unaffected
  • From 0:21.1.3-2.el8_6.5 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
tigervnc
CPEs
  • cpe:/a:redhat:rhel_tus:8.6::appstream
  • cpe:/a:redhat:rhel_aus:8.6::appstream
  • cpe:/a:redhat:rhel_e4s:8.6::appstream
Default Status
affected
Versions
Unaffected
  • From 0:1.12.0-6.el8_6.15 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server
CPEs
  • cpe:/a:redhat:rhel_tus:8.6::appstream
  • cpe:/a:redhat:rhel_aus:8.6::appstream
  • cpe:/a:redhat:rhel_e4s:8.6::appstream
Default Status
affected
Versions
Unaffected
  • From 0:1.20.11-6.el8_6 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server-Xwayland
CPEs
  • cpe:/a:redhat:rhel_tus:8.6::appstream
  • cpe:/a:redhat:rhel_aus:8.6::appstream
  • cpe:/a:redhat:rhel_e4s:8.6::appstream
Default Status
affected
Versions
Unaffected
  • From 0:21.1.3-2.el8_6.5 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 8.8 Telecommunications Update Service
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
tigervnc
CPEs
  • cpe:/a:redhat:rhel_tus:8.8::appstream
  • cpe:/a:redhat:rhel_e4s:8.8::appstream
Default Status
affected
Versions
Unaffected
  • From 0:1.12.0-15.el8_8.16 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 8.8 Telecommunications Update Service
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server
CPEs
  • cpe:/a:redhat:rhel_tus:8.8::appstream
  • cpe:/a:redhat:rhel_e4s:8.8::appstream
Default Status
affected
Versions
Unaffected
  • From 0:1.20.11-17.el8_8 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 8.8 Telecommunications Update Service
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server-Xwayland
CPEs
  • cpe:/a:redhat:rhel_tus:8.8::appstream
  • cpe:/a:redhat:rhel_e4s:8.8::appstream
Default Status
affected
Versions
Unaffected
  • From 0:21.1.3-12.el8_8 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
tigervnc
CPEs
  • cpe:/a:redhat:rhel_tus:8.8::appstream
  • cpe:/a:redhat:rhel_e4s:8.8::appstream
Default Status
affected
Versions
Unaffected
  • From 0:1.12.0-15.el8_8.16 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server
CPEs
  • cpe:/a:redhat:rhel_tus:8.8::appstream
  • cpe:/a:redhat:rhel_e4s:8.8::appstream
Default Status
affected
Versions
Unaffected
  • From 0:1.20.11-17.el8_8 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server-Xwayland
CPEs
  • cpe:/a:redhat:rhel_tus:8.8::appstream
  • cpe:/a:redhat:rhel_e4s:8.8::appstream
Default Status
affected
Versions
Unaffected
  • From 0:21.1.3-12.el8_8 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server
CPEs
  • cpe:/a:redhat:enterprise_linux:9::appstream
  • cpe:/a:redhat:enterprise_linux:9::crb
Default Status
affected
Versions
Unaffected
  • From 0:1.20.11-32.el9_6 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
tigervnc
CPEs
  • cpe:/a:redhat:enterprise_linux:9::appstream
Default Status
affected
Versions
Unaffected
  • From 0:1.14.1-9.el9_6 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server-Xwayland
CPEs
  • cpe:/a:redhat:enterprise_linux:9::appstream
  • cpe:/a:redhat:enterprise_linux:9::crb
Default Status
affected
Versions
Unaffected
  • From 0:23.2.7-5.el9_6 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
tigervnc
CPEs
  • cpe:/a:redhat:enterprise_linux:9::appstream
Default Status
affected
Versions
Unaffected
  • From 0:1.15.0-6.el9_7 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server-Xwayland
CPEs
  • cpe:/a:redhat:enterprise_linux:9::appstream
  • cpe:/a:redhat:enterprise_linux:9::crb
Default Status
affected
Versions
Unaffected
  • From 0:23.2.7-5.el9_7 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server
CPEs
  • cpe:/a:redhat:enterprise_linux:9::appstream
  • cpe:/a:redhat:enterprise_linux:9::crb
Default Status
affected
Versions
Unaffected
  • From 0:1.20.11-32.el9_7 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
tigervnc
CPEs
  • cpe:/a:redhat:rhel_e4s:9.0::appstream
Default Status
affected
Versions
Unaffected
  • From 0:1.11.0-22.el9_0.16 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server
CPEs
  • cpe:/a:redhat:rhel_e4s:9.0::appstream
Default Status
affected
Versions
Unaffected
  • From 0:1.20.11-12.el9_0 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server-Xwayland
CPEs
  • cpe:/a:redhat:rhel_e4s:9.0::appstream
Default Status
affected
Versions
Unaffected
  • From 0:21.1.3-4.el9_0 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
tigervnc
CPEs
  • cpe:/a:redhat:rhel_e4s:9.2::appstream
Default Status
affected
Versions
Unaffected
  • From 0:1.12.0-14.el9_2.13 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server
CPEs
  • cpe:/a:redhat:rhel_e4s:9.2::appstream
Default Status
affected
Versions
Unaffected
  • From 0:1.20.11-19.el9_2 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server-Xwayland
CPEs
  • cpe:/a:redhat:rhel_e4s:9.2::appstream
Default Status
affected
Versions
Unaffected
  • From 0:21.1.3-9.el9_2 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 9.4 Extended Update Support
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
tigervnc
CPEs
  • cpe:/a:redhat:rhel_eus:9.4::appstream
Default Status
affected
Versions
Unaffected
  • From 0:1.13.1-8.el9_4.8 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 9.4 Extended Update Support
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server
CPEs
  • cpe:/a:redhat:rhel_eus:9.4::appstream
  • cpe:/a:redhat:rhel_eus:9.4::crb
Default Status
affected
Versions
Unaffected
  • From 0:1.20.11-27.el9_4 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 9.4 Extended Update Support
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server-Xwayland
CPEs
  • cpe:/a:redhat:rhel_eus:9.4::appstream
Default Status
affected
Versions
Unaffected
  • From 0:22.1.9-7.el9_4 before * (rpm)
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 6
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
xorg-x11-server
CPEs
  • cpe:/o:redhat:enterprise_linux:6
Default Status
unknown
Problem Types
Type: CWE
CWE ID: CWE-416
Description: Use After Free
Metrics
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
Metrics Other Info
Red Hat severity rating
value: Moderate
namespace: https://access.redhat.com/security/updates/classification/
Workarounds

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Credits

Red Hat would like to thank Jan-Niklas Sohn (Trend Micro Zero Day Initiative) for reporting this issue.
Timeline
Event: Reported to Red Hat.
Date: 2025-10-09 05:04:24
Event: Made public.
Date: 2025-10-29 00:00:00
References
Hyperlink | Resource
https://access.redhat.com/errata/RHSA-2025:19432 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:19433 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:19434 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:19435 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:19489 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:19623 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:19909 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:20958 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:20960 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:20961 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:21035 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:22040 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:22041 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:22051 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:22055 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:22056 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:22077 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:22096 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:22164 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:22167 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:22364 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:22365 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:22426 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:22427 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:22667 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:22729 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:22742 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:22753 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:0031 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:0033 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:0034 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:0035 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:0036 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-62229 | vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2402649 | issue-tracking, x_refsource_REDHAT
Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
2. CVE Program Container
References
Hyperlink | Resource
https://lists.debian.org/debian-lts-announce/2025/10/msg00033.html | N/A
http://www.openwall.com/lists/oss-security/2025/10/28/7 | N/A
National Vulnerability Database (NVD)
nvd.nist.gov
Source: secalert@redhat.com
Published At: 30 Oct, 2025 | 06:15
Updated At: 05 Jan, 2026 | 11:17

CISA Catalog
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
Type: Secondary
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
Weaknesses
CWE ID: CWE-416
Type: Secondary
Source: secalert@redhat.com
References
HyperlinkSourceResource
https://access.redhat.com/errata/RHSA-2025:19432secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:19433secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:19434secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:19435secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:19489secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:19623secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:19909secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:20958secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:20960secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:20961secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:21035secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:22040secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:22041secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:22051secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:22055secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:22056secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:22077secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:22096secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:22164secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:22167secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:22364secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:22365secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:22426secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:22427secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:22667secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:22729secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:22742secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2025:22753secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2026:0031secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2026:0033secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2026:0034secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2026:0035secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2026:0036secalert@redhat.com
N/A
https://access.redhat.com/security/cve/CVE-2025-62229secalert@redhat.com
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=2402649secalert@redhat.com
N/A
http://www.openwall.com/lists/oss-security/2025/10/28/7af854a3a-2127-422b-91ae-364da2661108
N/A
https://lists.debian.org/debian-lts-announce/2025/10/msg00033.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A

Similar CVEs

57 records found

CVE-2023-4132
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-5.5 (MEDIUM)
EPSS-0.02% / 3.30%
7 Day CHG~0.00%
Published-03 Aug, 2023 | 14:32
Updated-07 Nov, 2025 | 13:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kernel: smsusb: use-after-free caused by do_submit_urb()

A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is plugged in. This flaw allows a local user to crash the system, causing a denial of service condition.

Action-Not Available
Vendor-Linux Kernel Organization, Inc; Fedora Project; Red Hat, Inc.; Debian GNU/Linux
Product-debian_linux; linux_kernel; fedora; enterprise_linux; enterprise_linux_for_real_time_for_nfv; enterprise_linux_for_real_time; Red Hat Enterprise Linux 9; Red Hat Enterprise Linux 6; Red Hat Virtualization 4 for Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 8.6 Extended Update Support; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8.8 Extended Update Support
CWE ID-CWE-416
Use After Free
CVE-2023-4133
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-5.5 (MEDIUM)
EPSS-0.01% / 1.27%
7 Day CHG~0.00%
Published-03 Aug, 2023 | 14:32
Updated-06 Nov, 2025 | 19:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kernel: cxgb4: use-after-free in ch_flower_stats_cb()

A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flower_stats_timer from the work queue. This flaw allows a local user to crash the system, causing a denial of service condition.

Action-Not Available
Vendor-Linux Kernel Organization, Inc; Fedora Project; Red Hat, Inc.
Product-enterprise_linux; linux_kernel; fedora; Red Hat Enterprise Linux 9; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 6
CWE ID-CWE-416
Use After Free
CVE-2020-10700
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-5.3 (MEDIUM)
EPSS-2.86% / 86.01%
7 Day CHG~0.00%
Published-04 May, 2020 | 20:03
Updated-04 Aug, 2024 | 11:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free flaw was found in the way Samba AD DC LDAP servers handled the 'Paged Results' control when it is combined with the 'ASQ' control. A malicious user in a Samba AD could use this flaw to cause a denial of service. This issue affects all Samba versions before 4.10.15, before 4.11.8 and before 4.12.2.

Action-Not Available
Vendor-openSUSE; Samba; Fedora Project; Red Hat, Inc.
Product-fedora; samba; leap; samba
CWE ID-CWE-416
Use After Free
CVE-2024-9979
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-5.3 (MEDIUM)
EPSS-0.05% / 15.68%
7 Day CHG~0.00%
Published-15 Oct, 2024 | 14:01
Updated-20 Nov, 2025 | 19:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Pyo3: risk of use-after-free in `borrowed` reads from python weak references

A flaw was found in PyO3. This vulnerability causes a use-after-free issue, potentially leading to memory corruption or crashes via unsound borrowing from weak Python references.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Ansible Automation Platform 2; Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9
CWE ID-CWE-416
Use After Free
CVE-2025-12105
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-7.5 (HIGH)
EPSS-0.08% / 23.69%
7 Day CHG+0.02%
Published-23 Oct, 2025 | 09:14
Updated-19 Dec, 2025 | 22:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Libsoup: heap use-after-free in libsoup message queue handling during http/2 read completion

A flaw was found in the asynchronous message queue handling of the libsoup library, widely used by GNOME and WebKit-based applications to manage HTTP/2 communications. When network operations are aborted at specific timing intervals, an internal message queue item may be freed twice due to missing state synchronization. This leads to a use-after-free memory access, potentially crashing the affected application. Attackers could exploit this behavior remotely by triggering specific HTTP/2 read and cancel sequences, resulting in a denial-of-service condition.

Action-Not Available
Vendor-The GNOME Project; Red Hat, Inc.
Product-Red Hat Enterprise Linux 8; libsoup; Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 9; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 10.0 Extended Update Support
CWE ID-CWE-416
Use After Free
CVE-2024-6519
Matching Score-6
Assigner-Fedora Project
CVSS Score-8.2 (HIGH)
EPSS-0.02% / 3.29%
7 Day CHG~0.00%
Published-21 Oct, 2024 | 14:36
Updated-08 Aug, 2025 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qemu: scsi: lsi53c895a: use-after-free local privilege escalation vulnerability

A use-after-free vulnerability was found in the QEMU LSI53C895A SCSI Host Bus Adapter emulation. This issue can lead to a crash or VM escape.

Action-Not Available
Vendor-QEMU; Red Hat, Inc.
Product-qemu; Red Hat Enterprise Linux 9; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 8 Advanced Virtualization; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 7
CWE ID-CWE-416
Use After Free
CVE-2023-39198
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-7.5 (HIGH)
EPSS-0.01% / 0.36%
7 Day CHG~0.00%
Published-09 Nov, 2023 | 19:15
Updated-18 Feb, 2026 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kernel: qxl: race condition leading to use-after-free in qxl_mode_dumb_create()

A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigger a use-after-free issue, potentially leading to a denial of service or privilege escalation.

Action-Not Available
Vendor-Linux Kernel Organization, Inc; Red Hat, Inc.; Fedora Project
Product-linux_kernel; fedora; enterprise_linux; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 9; Red Hat Enterprise Linux 6
CWE ID-CWE-366
Race Condition within a Thread
CWE ID-CWE-416
Use After Free