CVE-2025-26597

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Feb 25, 2025

Updated: Mar 10, 2025

CWE ID 119

CWE ID 122

Summary

CVE-2025-26597 is a buffer overflow vulnerability affecting X.Org and Xwayland. The issue arises when XkbChangeTypesOfKey() is called with a group value of 0, causing the key symbols table to be resized to zero. Subsequent calls to XkbChangeTypesOfKey() with non-zero group values result in a buffer overflow due to the inconsistent size of the key actions. This vulnerability can potentially be exploited by attackers to execute arbitrary code or cause a system crash. It is recommended that users apply the available patches to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Red Hat Enterprise Linux

Affected Vendors

Red Hat

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Predator Still Active, with New Client and Corporate Links Identified

Russia-Aligned TAG-110 Targets Tajikistan with Macro-Enabled Word Documents

Know What Matters

For Customers

For Partners