Techly NewsGet the app

Get the latest tech news

Eight New Security Vulnerabilities Reported Against The X.Org Server & XWayland


Eight new security issues have now been made public around the X.Org Server codebase that also impact XWayland.

Eight new security issues have now been made public around the X.Org Server codebase that also impact XWayland. The Trend Micro Zero Day Initiative has once again uncovered a trove of security issues within the X.Org Server codebase... CVE-2025-26594: Use-after-free of the root cursor CVE-2025-26595: Buffer overflow in XkbVModMaskText() CVE-2025-26596: Heap overflow in XkbWriteKeySyms() CVE-2025-26597: Buffer overflow in XkbChangeTypesOfKey() CVE-2025-26598: Out-of-bounds write in CreatePointerBarrierClient() CVE-2025-26599: Use of uninitialized pointer in compRedirectWindow() CVE-2025-26600: Use-after-free in PlayReleasedEvents() CVE-2025-26601: Use-after-free in SyncInitTrigger() XWayland 24.1.6 and X.Org Server 21.1.16 have been released to address these newly-disclosed vulnerabilities.

Get the Android app

Or read this on Phoronix

Read more on:

Photo of xwayland

xwayland

Photo of x.org

x.org

Photo of x.org server

x.org server

Related news:

News photo

X.Org / FreeDesktop.org Encounters New Cloud Crisis: Needs New Infrastructure Very Soon

News photo

X.Org Server Development Hit A Decade High For The Number Of Commits In 2024

News photo

CentOS Stream 10 Reaches GA With Linux 6.12, Python 3.12 & No X.Org Server

« FAA tests Starlink terminals as Musk claims Verizon tech is ‘not working’
Paramount+ adds 50 classic MTV Unplugged episodes »