CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-26597: Xorg: xwayland: buffer overflow in xkbchangetypesofkey()

Description

A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because the key actions are of the wrong size.

Classification

CVE ID: CVE-2025-26597

Problem Types

Heap-based Buffer Overflow

Affected Products

Vendor: Red Hat, Red Hat, Red Hat, Red Hat, Red Hat, Red Hat, Red Hat, Red Hat, Red Hat, Red Hat

Product: Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 9

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.02% (probability of being exploited)

EPSS Percentile: 3.54% (scored less or equal to compared to others)

EPSS Date: 2025-03-26 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-26597
https://access.redhat.com/security/cve/CVE-2025-26597
https://bugzilla.redhat.com/show_bug.cgi?id=2345255

Timeline

2025-02-25 16:40:13 UTC
CVE

Xorg: xwayland: buffer overflow in xkbchangetypesofkey()
2025-03-11 11:45:20 UTC
Tenable Plugins

CBL Mariner 2.0 Security Update: xorg-x11-server (CVE-2025-26597)