Description

A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size.

INFO

Published Date :

2025-02-25T15:54:06.708Z

Last Modified :

2026-04-06T12:53:14.906Z

Source :

redhat
AFFECTED PRODUCTS

The following products are affected by CVE-2025-26595 vulnerability.

Vendors Products
Redhat
  • Enterprise Linux
  • Rhel Aus
  • Rhel E4s
  • Rhel Els
  • Rhel Eus
  • Rhel Tus
Tigervnc
  • Tigervnc
X.org
  • X Server
  • Xwayland
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-26595.

URL Resource
https://access.redhat.com/errata/RHSA-2025:2500 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:2502 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:2861 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:2862 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:2865 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:2866 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:2873 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:2874 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:2875 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:2879 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:2880 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:3976 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:7163 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:7165 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:7458 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2025-26595 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2345257 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/02/msg00036.html cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-26595 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-26595 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact