๐Ÿ” CVE Alert

CVE-2025-49178

MEDIUM 5.5

Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: unprocessed client request due to bytes to ignore

CVSS Score: 5.5
EPSS Score: 0.0%
EPSS Percentile: 0th

A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service.

CWE: CWE-667
Vendor: x.org
Product: xwayland
Published: Jun 17, 2025
Last Updated: Dec 11, 2025

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Affected Versions

X.Org / xwayland
All versions before 24.1.7
Red Hat / Red Hat Enterprise Linux 10
All versions affected
Red Hat / Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION
All versions affected
Red Hat / Red Hat Enterprise Linux 7.7 Advanced Update Support
All versions affected
Red Hat / Red Hat Enterprise Linux 7 Extended Lifecycle Support
All versions affected
Red Hat / Red Hat Enterprise Linux 8
All versions affected
Red Hat / Red Hat Enterprise Linux 8.2 Advanced Update Support
All versions affected
Red Hat / Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
All versions affected
Red Hat / Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On
All versions affected
Red Hat / Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
All versions affected
Red Hat / Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On
All versions affected
Red Hat / Red Hat Enterprise Linux 8.6 Telecommunications Update Service
All versions affected
Red Hat / Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
All versions affected
Red Hat / Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On
All versions affected
Red Hat / Red Hat Enterprise Linux 8.8 Telecommunications Update Service
All versions affected
Red Hat / Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
All versions affected
Red Hat / Red Hat Enterprise Linux 9
All versions affected
Red Hat / Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
All versions affected
Red Hat / Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions
All versions affected
Red Hat / Red Hat Enterprise Linux 9.4 Extended Update Support
All versions affected
Red Hat / Red Hat Enterprise Linux 6
All versions affected

References

access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10258
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10342
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10343
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10344
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10346
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10347
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10348
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10349
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10350
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10351
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10352
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10355
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10356
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10360
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10370
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10374
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10375
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10376
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10377
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10378
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10381
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10410
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:9303
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:9304
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:9305
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:9306
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:9392
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:9964
access.redhat.com: https://access.redhat.com/security/cve/CVE-2025-49178
bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2369977
gitlab.freedesktop.org: https://gitlab.freedesktop.org/xorg/xserver/-/commit/d55c54cecb5e83eaa2d56bed5cc4461f9ba318c2
x.org: https://www.x.org/wiki/Development/Security/
lists.debian.org: https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html