Description

A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because the key actions are of the wrong size.

INFO

Published Date :

2025-02-25T15:54:48.196Z

Last Modified :

2026-04-06T12:53:24.502Z

Source :

redhat
AFFECTED PRODUCTS

The following products are affected by CVE-2025-26597 vulnerability.

Vendors Products
Redhat
  • Enterprise Linux
  • Rhel Aus
  • Rhel E4s
  • Rhel Els
  • Rhel Eus
  • Rhel Tus
Tigervnc
  • Tigervnc
X.org
  • X Server
  • Xwayland
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-26597.

URL Resource
https://access.redhat.com/errata/RHSA-2025:2500 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:2502 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:2861 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:2862 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:2865 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:2866 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:2873 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:2874 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:2875 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:2879 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:2880 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:3976 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:7163 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:7165 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2025:7458 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2025-26597 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2345255 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/02/msg00036.html cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-26597 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-26597 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact