Security vulnerabilities have been identified in the recent release of X.org Server and DDX component (Device-Dependant X) xwayland 24.1.7, as reported in the official announcement. These vulnerabilities could potentially be exploited to escalate privileges in systems where the X-server is running with Root rights, as well as for remote code execution in configurations utilizing the X11 session for access.
The new version of X.org Server addresses a total of 6 vulnerabilities, each posing a different risk to the security of X11-applications surrounded by Wayland.
The identified vulnerabilities include:
- CVE-2025-49176: Integer overflow in BIG REQUESTS expansion implementation, allowing for requests with more than 16 bits, dating back to X11R6.0 (1994).
- CVE-2025-49179: Integer overflow in X Record extension implementation, triggered by sending oversized values, originating from X11R6.1 (1996).
- CVE-2025-49180: Integer overflow in RANDR expansion implementation, starting from 1.13 RC1 (2012).
- CVE-2025-49178: Possibility to create a scenario leading to requests blocking other clients, introduced in Xorg 1.10.0.
- CVE-2025-49175: Buffer border read from memory outside the expansion X Rendering, occurring during operations with animated cursors, from xfree86 4.3.0 (2003).
- CVE-2025-49177: Data leakage in XFIXES extension implementation due to a lack of request size verification, present since Xorg Server 21.1 RC1 (2011).
/Reports, release notes, official announcements.