]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit
projects / thirdparty / openembedded / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f5a10c4) | patch
xwayland: fix CVE-2025-62229
authorYogita Urade <yogita.urade@windriver.com>
Wed, 19 Nov 2025 11:04:39 +0000 (16:34 +0530)
committerSteve Sakoman <steve@sakoman.com>
Wed, 19 Nov 2025 16:11:20 +0000 (08:11 -0800)
commit3d606cc94e5ce42b836878578fa271a72bc76015
treec8458b7c4641f9e8811c52c2e107ded2eda6e950tree | snapshot
parentf5a10c4950ccb5570c72eb0a09618b7b3523bc39commit | diff
xwayland: fix CVE-2025-62229

A flaw was found in the X.Org X server and Xwayland when processing
X11 Present extension notifications. Improper error handling during
notification creation can leave dangling pointers that lead to a
use-after-free condition. This can cause memory corruption or a crash,
potentially allowing an attacker to execute arbitrary code or cause a
denial of service.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-62229

Upstream patch:
https://gitlab.freedesktop.org/xorg/xserver/-/commit/5a4286b13f631b66c20f5bc8db7b68211dcbd1d0

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-graphics/xwayland/xwayland/CVE-2025-62229.patch [new file with mode: 0644] blob
meta/recipes-graphics/xwayland/xwayland_23.2.5.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core