CVE-2025-49177

A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler does not validate the request length, allowing a client to read unintended memory from previous requests.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.1 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
redhatCNA
6.1 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
CISA-ADPADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 3%
Debian logo
Debian Releases
Debian Product
Codename
xorg-server
bullseye
2:1.20.11-1+deb11u13
not-affected
bookworm
ignored
bullseye (security)
2:1.20.11-1+deb11u16
fixed
bookworm (security)
2:21.1.7-3+deb12u10
fixed
sid
2:21.1.16-1.3
fixed
trixie
2:21.1.16-1.3
fixed
xwayland
bookworm
ignored
bullseye
not-affected
sid
vulnerable
trixie
vulnerable
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
xorg-server
plucky
Fixed 2:21.1.16-1ubuntu1.1
released
oracular
Fixed 2:21.1.13-2ubuntu1.4
released
noble
Fixed 2:21.1.12-1ubuntu1.4
released
jammy
Fixed 2:21.1.4-2ubuntu1.7~22.04.15
released
focal
needs-triage
bionic
needs-triage
xenial
needs-triage
trusty
needs-triage
xwayland
plucky
Fixed 2:24.1.6-1ubuntu0.1
released
oracular
Fixed 2:24.1.2-1ubuntu0.6
released
noble
Fixed 2:23.2.6-1ubuntu0.6
released
jammy
Fixed 2:22.1.1-1ubuntu0.19
released
xorg
plucky
not-affected
oracular
not-affected
noble
not-affected
jammy
not-affected
focal
not-affected
bionic
not-affected
xenial
not-affected
xorg-server-hwe-16.04
plucky
dne
oracular
dne
noble
dne
jammy
dne
xenial
needs-triage
xorg-server-hwe-18.04
plucky
dne
oracular
dne
noble
dne
jammy
dne
bionic
needs-triage
xorg-hwe-16.04
plucky
dne
oracular
dne
noble
dne
jammy
dne
xenial
not-affected
xorg-hwe-18.04
plucky
dne
oracular
dne
noble
dne
jammy
dne
bionic
not-affected
Common Weakness Enumeration
References
https://access.redhat.com/errata/RHSA-2025:10258
https://access.redhat.com/errata/RHSA-2025:9304
https://access.redhat.com/security/cve/CVE-2025-49177
https://bugzilla.redhat.com/show_bug.cgi?id=2369955