Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

Mageia 9 MGASA-2025-0199 critical: x11-server security issues fixed

mageia
Calendar Grey June 28, 2025
Dist Mageia Esm H88
Several important patches tackle major vulnerabilities in x11-server and associated software for Mageia.
Out-of-bounds access in X Rendering extension (Animated cursors)

Summary

Out-of-bounds access in X Rendering extension (Animated cursors). (CVE-2025-49175) Integer overflow in Big Requests Extension. (CVE-2025-49176) Data leak in XFIXES Extension 6 (XFixesSetClientDisconnectMode). (CVE-2025-49177) Unprocessed client request via bytes to ignore. (CVE-2025-49178) Integer overflow in X Record extension. (CVE-2025-49179) Integer overflow in RandR extension (RRChangeProviderProperty). (CVE-2025-49180)

References

- https://bugs.mageia.org/show_bug.cgi?id=34381

- https://www.openwall.com/lists/oss-security/2025/06/17/3

- https://www.openwall.com/lists/oss-security/2025/06/18/2

- https://www.cve.org/CVERecord?id=CVE-2025-49175

- https://www.cve.org/CVERecord?id=CVE-2025-49176

- https://www.cve.org/CVERecord?id=CVE-2025-49177

- https://www.cve.org/CVERecord?id=CVE-2025-49178

- https://www.cve.org/CVERecord?id=CVE-2025-49179

- https://www.cve.org/CVERecord?id=CVE-2025-49180

Resolution

SRPMS

- 9/core/x11-server-21.1.8-7.8.mga9

- 9/core/x11-server-xwayland-22.1.9-1.8.mga9

- 9/core/tigervnc-1.13.1-2.8.mga9

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 28 Jun 2025
URL: https://advisories.mageia.org/MGASA-2025-0199.html
Type: security
CVE: CVE-2025-49175, CVE-2025-49176, CVE-2025-49177, CVE-2025-49178, CVE-2025-49179, CVE-2025-49180

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here