CVE-2025-62229

A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service.

CVSS v3 7.3 HIGH

7.3^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.5

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/errata/RHSA-2025:19432
https://access.redhat.com/errata/RHSA-2025:19433
https://access.redhat.com/errata/RHSA-2025:19434
https://access.redhat.com/errata/RHSA-2025:19435
https://access.redhat.com/errata/RHSA-2025:19489
https://access.redhat.com/errata/RHSA-2025:19623
https://access.redhat.com/errata/RHSA-2025:19909
https://access.redhat.com/errata/RHSA-2025:20958
https://access.redhat.com/errata/RHSA-2025:20960
https://access.redhat.com/errata/RHSA-2025:20961
https://access.redhat.com/errata/RHSA-2025:21035
https://access.redhat.com/errata/RHSA-2025:22040
https://access.redhat.com/errata/RHSA-2025:22041
https://access.redhat.com/errata/RHSA-2025:22051
https://access.redhat.com/errata/RHSA-2025:22055
https://access.redhat.com/errata/RHSA-2025:22056
https://access.redhat.com/errata/RHSA-2025:22077
https://access.redhat.com/errata/RHSA-2025:22096
https://access.redhat.com/errata/RHSA-2025:22164
https://access.redhat.com/errata/RHSA-2025:22167
https://access.redhat.com/errata/RHSA-2025:22364
https://access.redhat.com/errata/RHSA-2025:22365
https://access.redhat.com/errata/RHSA-2025:22426
https://access.redhat.com/errata/RHSA-2025:22427
https://access.redhat.com/errata/RHSA-2025:22667
https://access.redhat.com/errata/RHSA-2025:22729
https://access.redhat.com/errata/RHSA-2025:22742
https://access.redhat.com/errata/RHSA-2025:22753
https://access.redhat.com/errata/RHSA-2026:0031
https://access.redhat.com/errata/RHSA-2026:0033
https://access.redhat.com/errata/RHSA-2026:0034
https://access.redhat.com/errata/RHSA-2026:0035
https://access.redhat.com/errata/RHSA-2026:0036
https://access.redhat.com/security/cve/CVE-2025-62229
https://bugzilla.redhat.com/show_bug.cgi?id=2402649
http://www.openwall.com/lists/oss-security/2025/10/28/7
https://lists.debian.org/debian-lts-announce/2025/10/msg00033.html

Configurations

No configuration.

History

No history.

Information

Published : 2025-10-30 06:15

Updated : 2026-01-05 11:17

NVD link : CVE-2025-62229

Mitre link : CVE-2025-62229

CVE.ORG link : CVE-2025-62229

JSON object : View

Products Affected

No product.

CWE

CWE-416

Use After Free

7.3 /10