CVE-2025-26595

Published Feb 25, 2025

Last updated 18 days ago

CVSS high 7.8

Overview

Description
A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size.
Source
secalert@redhat.com
NVD status
Modified

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

secalert@redhat.com
CWE-121

Social media

Hype score
Not currently trending

  1. 🚨 CVE-2025-26595 🔴 HIGH (7.8) 🏢 Red Hat - Red Hat Enterprise Linux 6 🏗️ None 🔗 https://t.co/4RwTo8TAqb 🔗 https://t.co/Ur3VRanbtM #CyberCron #VulnAlert @RedHat https://t.co/kzDwBXqMVN

    @cybercronai

    27 Feb 2025

    15 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-26595 A buffer overflow flaw was found in https://t.co/NfcYnrk5RQ and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual … https://t.co/xPSU14HK9X

    @CVEnew

    25 Feb 2025

    326 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References