]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit
projects / thirdparty / openembedded / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3d606cc) | patch
xwayland: fix CVE-2025-62230
authorYogita Urade <yogita.urade@windriver.com>
Wed, 19 Nov 2025 11:04:40 +0000 (16:34 +0530)
committerSteve Sakoman <steve@sakoman.com>
Wed, 19 Nov 2025 16:11:20 +0000 (08:11 -0800)
commit5d98bca7ca76964a6bf7efb7cf8331b9f518ad00
tree83cf7322bfa27f989de765b82a649513a212f626tree | snapshot
parent3d606cc94e5ce42b836878578fa271a72bc76015commit | diff
xwayland: fix CVE-2025-62230

A flaw was discovered in the X.Org X serverâ\x80\x99s X Keyboard
(Xkb) extension when handling client resource cleanup. The software
frees certain data structures without properly detaching related
resources, leading to a use-after-free condition. This can cause
memory corruption or a crash when affected clients disconnect.

Reference:
https://gitlab.freedesktop.org/xorg/xserver/-/commit/3baad99f9c15028ed8c3e3d8408e5ec35db155aa

Upstream patches:
https://gitlab.freedesktop.org/xorg/xserver/-/commit/865089ca70840c0f13a61df135f7b44a9782a175
https://gitlab.freedesktop.org/xorg/xserver/-/commit/87fe2553937a99fd914ad0cde999376a3adc3839

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-graphics/xwayland/xwayland/CVE-2025-62230-0001.patch [new file with mode: 0644] blob
meta/recipes-graphics/xwayland/xwayland/CVE-2025-62230-0002.patch [new file with mode: 0644] blob
meta/recipes-graphics/xwayland/xwayland_23.2.5.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core