Issued:: 2025-11-03
Updated:: 2025-11-03

RHSA-2025:19435 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: xorg-x11-server-Xwayland security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Xwayland is an X server for running X clients under Wayland.

Security Fix(es):

xorg: xmayland: Use-after-free in XPresentNotify structure creation (CVE-2025-62229)
xorg: xwayland: Use-after-free in Xkb client resource removal (CVE-2025-62230)
xorg: xmayland: Value overflow in XkbSetCompatMap() (CVE-2025-62231)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 10 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64
Red Hat Enterprise Linux for IBM z Systems 10 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x
Red Hat Enterprise Linux for Power, little endian 10 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le
Red Hat Enterprise Linux for ARM 64 10 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64
Red Hat CodeReady Linux Builder for x86_64 10 x86_64
Red Hat CodeReady Linux Builder for Power, little endian 10 ppc64le
Red Hat CodeReady Linux Builder for ARM 64 10 aarch64
Red Hat CodeReady Linux Builder for IBM z Systems 10 s390x
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.0 x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.0 ppc64le
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.0 s390x
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.0 aarch64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 s390x
Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 ppc64le
Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 x86_64

Fixes

BZ - 2402649 - CVE-2025-62229 xorg: xmayland: Use-after-free in XPresentNotify structure creation
BZ - 2402653 - CVE-2025-62230 xorg: xwayland: Use-after-free in Xkb client resource removal
BZ - 2402660 - CVE-2025-62231 xorg: xmayland: Value overflow in XkbSetCompatMap()

CVEs

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 10

SRPM
xorg-x11-server-Xwayland-24.1.5-5.el10_0.src.rpm	SHA-256: 1799c65066cf4fb49f73208a639d4c64723627715d18fa931313bcdaf222de5d
x86_64
xorg-x11-server-Xwayland-24.1.5-5.el10_0.x86_64.rpm	SHA-256: 9dd4f8e70501c21a737d161e02d4f3d135b347fae5d26e7c2d0db2020bd0634b
xorg-x11-server-Xwayland-debuginfo-24.1.5-5.el10_0.x86_64.rpm	SHA-256: 2bef1c10f18a9948fa0f962d871fa4b7e92d29ad0ace355ab765bb0bb4d095b7
xorg-x11-server-Xwayland-debugsource-24.1.5-5.el10_0.x86_64.rpm	SHA-256: 631d06b28fbd61ed8c6cecde11a45300781ee99daf51c585b81516b1736f0ffa

Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0

SRPM
xorg-x11-server-Xwayland-24.1.5-5.el10_0.src.rpm	SHA-256: 1799c65066cf4fb49f73208a639d4c64723627715d18fa931313bcdaf222de5d
x86_64
xorg-x11-server-Xwayland-24.1.5-5.el10_0.x86_64.rpm	SHA-256: 9dd4f8e70501c21a737d161e02d4f3d135b347fae5d26e7c2d0db2020bd0634b
xorg-x11-server-Xwayland-debuginfo-24.1.5-5.el10_0.x86_64.rpm	SHA-256: 2bef1c10f18a9948fa0f962d871fa4b7e92d29ad0ace355ab765bb0bb4d095b7
xorg-x11-server-Xwayland-debugsource-24.1.5-5.el10_0.x86_64.rpm	SHA-256: 631d06b28fbd61ed8c6cecde11a45300781ee99daf51c585b81516b1736f0ffa

Red Hat Enterprise Linux for IBM z Systems 10

SRPM
xorg-x11-server-Xwayland-24.1.5-5.el10_0.src.rpm	SHA-256: 1799c65066cf4fb49f73208a639d4c64723627715d18fa931313bcdaf222de5d
s390x
xorg-x11-server-Xwayland-24.1.5-5.el10_0.s390x.rpm	SHA-256: 7487c84fcd69505c5bc784802128d22d4b39990f1e3c7de6c252abeb1f432c57
xorg-x11-server-Xwayland-debuginfo-24.1.5-5.el10_0.s390x.rpm	SHA-256: 741e7e7e1936b182c975ec170a14c466281ed406441f132cdc5356ce7e4dfa86
xorg-x11-server-Xwayland-debugsource-24.1.5-5.el10_0.s390x.rpm	SHA-256: 49094bfd52b8187284f9c8c44a552e85a30e67c0948bdd3d7206f04e5d6914c7

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0

SRPM
xorg-x11-server-Xwayland-24.1.5-5.el10_0.src.rpm	SHA-256: 1799c65066cf4fb49f73208a639d4c64723627715d18fa931313bcdaf222de5d
s390x
xorg-x11-server-Xwayland-24.1.5-5.el10_0.s390x.rpm	SHA-256: 7487c84fcd69505c5bc784802128d22d4b39990f1e3c7de6c252abeb1f432c57
xorg-x11-server-Xwayland-debuginfo-24.1.5-5.el10_0.s390x.rpm	SHA-256: 741e7e7e1936b182c975ec170a14c466281ed406441f132cdc5356ce7e4dfa86
xorg-x11-server-Xwayland-debugsource-24.1.5-5.el10_0.s390x.rpm	SHA-256: 49094bfd52b8187284f9c8c44a552e85a30e67c0948bdd3d7206f04e5d6914c7

Red Hat Enterprise Linux for Power, little endian 10

SRPM
xorg-x11-server-Xwayland-24.1.5-5.el10_0.src.rpm	SHA-256: 1799c65066cf4fb49f73208a639d4c64723627715d18fa931313bcdaf222de5d
ppc64le
xorg-x11-server-Xwayland-24.1.5-5.el10_0.ppc64le.rpm	SHA-256: 1dc3d80245e4e423ad830387f278ef9d16921bbae7af4a72c67696409d63320d
xorg-x11-server-Xwayland-debuginfo-24.1.5-5.el10_0.ppc64le.rpm	SHA-256: 9ab343a1971a00b1cede06cddd17355a6dea550792fce5c7e4c4c4f97e710cdf
xorg-x11-server-Xwayland-debugsource-24.1.5-5.el10_0.ppc64le.rpm	SHA-256: b11f301ffcbbc9b9b71bfcba1c3fc7aa67ed1ad4f17456d98020b6110eb13f3c

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0

SRPM
xorg-x11-server-Xwayland-24.1.5-5.el10_0.src.rpm	SHA-256: 1799c65066cf4fb49f73208a639d4c64723627715d18fa931313bcdaf222de5d
ppc64le
xorg-x11-server-Xwayland-24.1.5-5.el10_0.ppc64le.rpm	SHA-256: 1dc3d80245e4e423ad830387f278ef9d16921bbae7af4a72c67696409d63320d
xorg-x11-server-Xwayland-debuginfo-24.1.5-5.el10_0.ppc64le.rpm	SHA-256: 9ab343a1971a00b1cede06cddd17355a6dea550792fce5c7e4c4c4f97e710cdf
xorg-x11-server-Xwayland-debugsource-24.1.5-5.el10_0.ppc64le.rpm	SHA-256: b11f301ffcbbc9b9b71bfcba1c3fc7aa67ed1ad4f17456d98020b6110eb13f3c

Red Hat Enterprise Linux for ARM 64 10

SRPM
xorg-x11-server-Xwayland-24.1.5-5.el10_0.src.rpm	SHA-256: 1799c65066cf4fb49f73208a639d4c64723627715d18fa931313bcdaf222de5d
aarch64
xorg-x11-server-Xwayland-24.1.5-5.el10_0.aarch64.rpm	SHA-256: 9f3bb94b6783007c9eeb2b16171211bd1ba1670f1fc7483569fe4c0538e77718
xorg-x11-server-Xwayland-debuginfo-24.1.5-5.el10_0.aarch64.rpm	SHA-256: 4d94e70cc1955523340fc52a1be564adc8fef0639888d58aa148d1bf8e1f4612
xorg-x11-server-Xwayland-debugsource-24.1.5-5.el10_0.aarch64.rpm	SHA-256: 001b2367f1b29bf004050e08e8e455253bebc4639d37fdbd26c437ad94055526

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0

SRPM
xorg-x11-server-Xwayland-24.1.5-5.el10_0.src.rpm	SHA-256: 1799c65066cf4fb49f73208a639d4c64723627715d18fa931313bcdaf222de5d
aarch64
xorg-x11-server-Xwayland-24.1.5-5.el10_0.aarch64.rpm	SHA-256: 9f3bb94b6783007c9eeb2b16171211bd1ba1670f1fc7483569fe4c0538e77718
xorg-x11-server-Xwayland-debuginfo-24.1.5-5.el10_0.aarch64.rpm	SHA-256: 4d94e70cc1955523340fc52a1be564adc8fef0639888d58aa148d1bf8e1f4612
xorg-x11-server-Xwayland-debugsource-24.1.5-5.el10_0.aarch64.rpm	SHA-256: 001b2367f1b29bf004050e08e8e455253bebc4639d37fdbd26c437ad94055526

Red Hat CodeReady Linux Builder for x86_64 10

SRPM
x86_64
xorg-x11-server-Xwayland-debuginfo-24.1.5-5.el10_0.x86_64.rpm	SHA-256: 2bef1c10f18a9948fa0f962d871fa4b7e92d29ad0ace355ab765bb0bb4d095b7
xorg-x11-server-Xwayland-debugsource-24.1.5-5.el10_0.x86_64.rpm	SHA-256: 631d06b28fbd61ed8c6cecde11a45300781ee99daf51c585b81516b1736f0ffa
xorg-x11-server-Xwayland-devel-24.1.5-5.el10_0.x86_64.rpm	SHA-256: 1a8a2c629b37c7dc4fa8b1639667bdfa232d378a9d135d918746be51da70456d

Red Hat CodeReady Linux Builder for Power, little endian 10

SRPM
ppc64le
xorg-x11-server-Xwayland-debuginfo-24.1.5-5.el10_0.ppc64le.rpm	SHA-256: 9ab343a1971a00b1cede06cddd17355a6dea550792fce5c7e4c4c4f97e710cdf
xorg-x11-server-Xwayland-debugsource-24.1.5-5.el10_0.ppc64le.rpm	SHA-256: b11f301ffcbbc9b9b71bfcba1c3fc7aa67ed1ad4f17456d98020b6110eb13f3c
xorg-x11-server-Xwayland-devel-24.1.5-5.el10_0.ppc64le.rpm	SHA-256: 72ba10e5be83d0ca0adb14e4f54538901adc591052adfd8195b1032725d6338c

Red Hat CodeReady Linux Builder for ARM 64 10

SRPM
aarch64
xorg-x11-server-Xwayland-debuginfo-24.1.5-5.el10_0.aarch64.rpm	SHA-256: 4d94e70cc1955523340fc52a1be564adc8fef0639888d58aa148d1bf8e1f4612
xorg-x11-server-Xwayland-debugsource-24.1.5-5.el10_0.aarch64.rpm	SHA-256: 001b2367f1b29bf004050e08e8e455253bebc4639d37fdbd26c437ad94055526
xorg-x11-server-Xwayland-devel-24.1.5-5.el10_0.aarch64.rpm	SHA-256: 68b3c1d07281ed5a7e89f28317710fd870f8abcda51d731b002bb78d1d9faad6

Red Hat CodeReady Linux Builder for IBM z Systems 10

SRPM
s390x
xorg-x11-server-Xwayland-debuginfo-24.1.5-5.el10_0.s390x.rpm	SHA-256: 741e7e7e1936b182c975ec170a14c466281ed406441f132cdc5356ce7e4dfa86
xorg-x11-server-Xwayland-debugsource-24.1.5-5.el10_0.s390x.rpm	SHA-256: 49094bfd52b8187284f9c8c44a552e85a30e67c0948bdd3d7206f04e5d6914c7
xorg-x11-server-Xwayland-devel-24.1.5-5.el10_0.s390x.rpm	SHA-256: 46bee5538bf56093b261eedbb96bc60b2e82f54129cc7152319138b96e755ca8

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.0

SRPM
x86_64
xorg-x11-server-Xwayland-debuginfo-24.1.5-5.el10_0.x86_64.rpm	SHA-256: 2bef1c10f18a9948fa0f962d871fa4b7e92d29ad0ace355ab765bb0bb4d095b7
xorg-x11-server-Xwayland-debugsource-24.1.5-5.el10_0.x86_64.rpm	SHA-256: 631d06b28fbd61ed8c6cecde11a45300781ee99daf51c585b81516b1736f0ffa
xorg-x11-server-Xwayland-devel-24.1.5-5.el10_0.x86_64.rpm	SHA-256: 1a8a2c629b37c7dc4fa8b1639667bdfa232d378a9d135d918746be51da70456d

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.0

SRPM
ppc64le
xorg-x11-server-Xwayland-debuginfo-24.1.5-5.el10_0.ppc64le.rpm	SHA-256: 9ab343a1971a00b1cede06cddd17355a6dea550792fce5c7e4c4c4f97e710cdf
xorg-x11-server-Xwayland-debugsource-24.1.5-5.el10_0.ppc64le.rpm	SHA-256: b11f301ffcbbc9b9b71bfcba1c3fc7aa67ed1ad4f17456d98020b6110eb13f3c
xorg-x11-server-Xwayland-devel-24.1.5-5.el10_0.ppc64le.rpm	SHA-256: 72ba10e5be83d0ca0adb14e4f54538901adc591052adfd8195b1032725d6338c

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.0

SRPM
s390x
xorg-x11-server-Xwayland-debuginfo-24.1.5-5.el10_0.s390x.rpm	SHA-256: 741e7e7e1936b182c975ec170a14c466281ed406441f132cdc5356ce7e4dfa86
xorg-x11-server-Xwayland-debugsource-24.1.5-5.el10_0.s390x.rpm	SHA-256: 49094bfd52b8187284f9c8c44a552e85a30e67c0948bdd3d7206f04e5d6914c7
xorg-x11-server-Xwayland-devel-24.1.5-5.el10_0.s390x.rpm	SHA-256: 46bee5538bf56093b261eedbb96bc60b2e82f54129cc7152319138b96e755ca8

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.0

SRPM
aarch64
xorg-x11-server-Xwayland-debuginfo-24.1.5-5.el10_0.aarch64.rpm	SHA-256: 4d94e70cc1955523340fc52a1be564adc8fef0639888d58aa148d1bf8e1f4612
xorg-x11-server-Xwayland-debugsource-24.1.5-5.el10_0.aarch64.rpm	SHA-256: 001b2367f1b29bf004050e08e8e455253bebc4639d37fdbd26c437ad94055526
xorg-x11-server-Xwayland-devel-24.1.5-5.el10_0.aarch64.rpm	SHA-256: 68b3c1d07281ed5a7e89f28317710fd870f8abcda51d731b002bb78d1d9faad6

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0

SRPM
xorg-x11-server-Xwayland-24.1.5-5.el10_0.src.rpm	SHA-256: 1799c65066cf4fb49f73208a639d4c64723627715d18fa931313bcdaf222de5d
aarch64
xorg-x11-server-Xwayland-24.1.5-5.el10_0.aarch64.rpm	SHA-256: 9f3bb94b6783007c9eeb2b16171211bd1ba1670f1fc7483569fe4c0538e77718
xorg-x11-server-Xwayland-debuginfo-24.1.5-5.el10_0.aarch64.rpm	SHA-256: 4d94e70cc1955523340fc52a1be564adc8fef0639888d58aa148d1bf8e1f4612
xorg-x11-server-Xwayland-debugsource-24.1.5-5.el10_0.aarch64.rpm	SHA-256: 001b2367f1b29bf004050e08e8e455253bebc4639d37fdbd26c437ad94055526

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0

SRPM
xorg-x11-server-Xwayland-24.1.5-5.el10_0.src.rpm	SHA-256: 1799c65066cf4fb49f73208a639d4c64723627715d18fa931313bcdaf222de5d
s390x
xorg-x11-server-Xwayland-24.1.5-5.el10_0.s390x.rpm	SHA-256: 7487c84fcd69505c5bc784802128d22d4b39990f1e3c7de6c252abeb1f432c57
xorg-x11-server-Xwayland-debuginfo-24.1.5-5.el10_0.s390x.rpm	SHA-256: 741e7e7e1936b182c975ec170a14c466281ed406441f132cdc5356ce7e4dfa86
xorg-x11-server-Xwayland-debugsource-24.1.5-5.el10_0.s390x.rpm	SHA-256: 49094bfd52b8187284f9c8c44a552e85a30e67c0948bdd3d7206f04e5d6914c7

Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0

SRPM
xorg-x11-server-Xwayland-24.1.5-5.el10_0.src.rpm	SHA-256: 1799c65066cf4fb49f73208a639d4c64723627715d18fa931313bcdaf222de5d
ppc64le
xorg-x11-server-Xwayland-24.1.5-5.el10_0.ppc64le.rpm	SHA-256: 1dc3d80245e4e423ad830387f278ef9d16921bbae7af4a72c67696409d63320d
xorg-x11-server-Xwayland-debuginfo-24.1.5-5.el10_0.ppc64le.rpm	SHA-256: 9ab343a1971a00b1cede06cddd17355a6dea550792fce5c7e4c4c4f97e710cdf
xorg-x11-server-Xwayland-debugsource-24.1.5-5.el10_0.ppc64le.rpm	SHA-256: b11f301ffcbbc9b9b71bfcba1c3fc7aa67ed1ad4f17456d98020b6110eb13f3c

Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0

SRPM
xorg-x11-server-Xwayland-24.1.5-5.el10_0.src.rpm	SHA-256: 1799c65066cf4fb49f73208a639d4c64723627715d18fa931313bcdaf222de5d
x86_64
xorg-x11-server-Xwayland-24.1.5-5.el10_0.x86_64.rpm	SHA-256: 9dd4f8e70501c21a737d161e02d4f3d135b347fae5d26e7c2d0db2020bd0634b
xorg-x11-server-Xwayland-debuginfo-24.1.5-5.el10_0.x86_64.rpm	SHA-256: 2bef1c10f18a9948fa0f962d871fa4b7e92d29ad0ace355ab765bb0bb4d095b7
xorg-x11-server-Xwayland-debugsource-24.1.5-5.el10_0.x86_64.rpm	SHA-256: 631d06b28fbd61ed8c6cecde11a45300781ee99daf51c585b81516b1736f0ffa

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.