Synopsis
Important: xorg-x11-server-Xwayland security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Xwayland is an X server for running X clients under Wayland.
Security Fix(es):
- xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors (CVE-2025-49175)
- xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in Big Requests Extension (CVE-2025-49176)
- xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Data Leak in XFIXES Extension's XFixesSetClientDisconnectMode (CVE-2025-49177)
- xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore (CVE-2025-49178)
- xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer overflow in X Record extension (CVE-2025-49179)
- xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in X Resize, Rotate and Reflect (RandR) Extension (CVE-2025-49180)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
-
Red Hat Enterprise Linux for x86_64 10 x86_64
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64
-
Red Hat Enterprise Linux for IBM z Systems 10 s390x
-
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x
-
Red Hat Enterprise Linux for Power, little endian 10 ppc64le
-
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le
-
Red Hat Enterprise Linux for ARM 64 10 aarch64
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64
-
Red Hat CodeReady Linux Builder for x86_64 10 x86_64
-
Red Hat CodeReady Linux Builder for Power, little endian 10 ppc64le
-
Red Hat CodeReady Linux Builder for ARM 64 10 aarch64
-
Red Hat CodeReady Linux Builder for IBM z Systems 10 s390x
-
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.0 x86_64
-
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.0 ppc64le
-
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.0 s390x
-
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.0 aarch64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 aarch64
-
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 s390x
-
Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 ppc64le
-
Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 x86_64
Fixes
-
BZ - 2369947
- CVE-2025-49175 xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors
-
BZ - 2369954
- CVE-2025-49176 xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in Big Requests Extension
-
BZ - 2369955
- CVE-2025-49177 xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Data Leak in XFIXES Extension's XFixesSetClientDisconnectMode
-
BZ - 2369977
- CVE-2025-49178 xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore
-
BZ - 2369978
- CVE-2025-49179 xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer overflow in X Record extension
-
BZ - 2369981
- CVE-2025-49180 xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in X Resize, Rotate and Reflect (RandR) Extension
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for x86_64 10
| SRPM |
|
xorg-x11-server-Xwayland-24.1.5-4.el10_0.src.rpm
|
SHA-256: b07c66a9d612600dea6e8a62b95021f7fe0ede6e54a1e1c91fb76e84b80cc723 |
| x86_64 |
|
xorg-x11-server-Xwayland-24.1.5-4.el10_0.x86_64.rpm
|
SHA-256: f4780c3033dda21ebfad92d0940353f2ef4ac0e0aa306d7c7377e6533d528698 |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-4.el10_0.x86_64.rpm
|
SHA-256: 665e6cda3cecf5a91a7408af6ac672c21ddd606cf92347d07bd9611bb43300e2 |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-4.el10_0.x86_64.rpm
|
SHA-256: 3ea92370189813a17c53a3497afda193d88090973563f5cbff06bfd86278ea01 |
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0
| SRPM |
|
xorg-x11-server-Xwayland-24.1.5-4.el10_0.src.rpm
|
SHA-256: b07c66a9d612600dea6e8a62b95021f7fe0ede6e54a1e1c91fb76e84b80cc723 |
| x86_64 |
|
xorg-x11-server-Xwayland-24.1.5-4.el10_0.x86_64.rpm
|
SHA-256: f4780c3033dda21ebfad92d0940353f2ef4ac0e0aa306d7c7377e6533d528698 |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-4.el10_0.x86_64.rpm
|
SHA-256: 665e6cda3cecf5a91a7408af6ac672c21ddd606cf92347d07bd9611bb43300e2 |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-4.el10_0.x86_64.rpm
|
SHA-256: 3ea92370189813a17c53a3497afda193d88090973563f5cbff06bfd86278ea01 |
Red Hat Enterprise Linux for IBM z Systems 10
| SRPM |
|
xorg-x11-server-Xwayland-24.1.5-4.el10_0.src.rpm
|
SHA-256: b07c66a9d612600dea6e8a62b95021f7fe0ede6e54a1e1c91fb76e84b80cc723 |
| s390x |
|
xorg-x11-server-Xwayland-24.1.5-4.el10_0.s390x.rpm
|
SHA-256: e371f01d13013f04f267c5641e95a4430954892e6641b15ed7206602ca73ab63 |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-4.el10_0.s390x.rpm
|
SHA-256: bdcb1d4c9d1132940c1952f039e119fa8337ec6cbbed89348dc8201752f53c4c |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-4.el10_0.s390x.rpm
|
SHA-256: d04f4de8c5cf43b819f1af00c5fe5098d712c1689c2af72b5c2704204cb76087 |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0
| SRPM |
|
xorg-x11-server-Xwayland-24.1.5-4.el10_0.src.rpm
|
SHA-256: b07c66a9d612600dea6e8a62b95021f7fe0ede6e54a1e1c91fb76e84b80cc723 |
| s390x |
|
xorg-x11-server-Xwayland-24.1.5-4.el10_0.s390x.rpm
|
SHA-256: e371f01d13013f04f267c5641e95a4430954892e6641b15ed7206602ca73ab63 |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-4.el10_0.s390x.rpm
|
SHA-256: bdcb1d4c9d1132940c1952f039e119fa8337ec6cbbed89348dc8201752f53c4c |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-4.el10_0.s390x.rpm
|
SHA-256: d04f4de8c5cf43b819f1af00c5fe5098d712c1689c2af72b5c2704204cb76087 |
Red Hat Enterprise Linux for Power, little endian 10
| SRPM |
|
xorg-x11-server-Xwayland-24.1.5-4.el10_0.src.rpm
|
SHA-256: b07c66a9d612600dea6e8a62b95021f7fe0ede6e54a1e1c91fb76e84b80cc723 |
| ppc64le |
|
xorg-x11-server-Xwayland-24.1.5-4.el10_0.ppc64le.rpm
|
SHA-256: 32053e8b184a6c8818885b6c2c72222b16728267bc7c57f5d461de9461723816 |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-4.el10_0.ppc64le.rpm
|
SHA-256: a3645d2f79677e6d772938e601eb3b3b82853eece85418465cd94be314067c97 |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-4.el10_0.ppc64le.rpm
|
SHA-256: 94d334bd19b63ceafe9267432a856e18849dee65056227ad960b636e9d80259b |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0
| SRPM |
|
xorg-x11-server-Xwayland-24.1.5-4.el10_0.src.rpm
|
SHA-256: b07c66a9d612600dea6e8a62b95021f7fe0ede6e54a1e1c91fb76e84b80cc723 |
| ppc64le |
|
xorg-x11-server-Xwayland-24.1.5-4.el10_0.ppc64le.rpm
|
SHA-256: 32053e8b184a6c8818885b6c2c72222b16728267bc7c57f5d461de9461723816 |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-4.el10_0.ppc64le.rpm
|
SHA-256: a3645d2f79677e6d772938e601eb3b3b82853eece85418465cd94be314067c97 |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-4.el10_0.ppc64le.rpm
|
SHA-256: 94d334bd19b63ceafe9267432a856e18849dee65056227ad960b636e9d80259b |
Red Hat Enterprise Linux for ARM 64 10
| SRPM |
|
xorg-x11-server-Xwayland-24.1.5-4.el10_0.src.rpm
|
SHA-256: b07c66a9d612600dea6e8a62b95021f7fe0ede6e54a1e1c91fb76e84b80cc723 |
| aarch64 |
|
xorg-x11-server-Xwayland-24.1.5-4.el10_0.aarch64.rpm
|
SHA-256: 1f12a69baeb6860ebaca90a8c036b1e139de1b4eb3e5783a9f479e92a493bb6f |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-4.el10_0.aarch64.rpm
|
SHA-256: da95449fdf736549930c12704a24ec4cd13ea3903d8ab28bc3f2c80abdb289c1 |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-4.el10_0.aarch64.rpm
|
SHA-256: 378112405b7ce439ac29879330bbe70ed5bc97c63eb696d33f880b5354b49b80 |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0
| SRPM |
|
xorg-x11-server-Xwayland-24.1.5-4.el10_0.src.rpm
|
SHA-256: b07c66a9d612600dea6e8a62b95021f7fe0ede6e54a1e1c91fb76e84b80cc723 |
| aarch64 |
|
xorg-x11-server-Xwayland-24.1.5-4.el10_0.aarch64.rpm
|
SHA-256: 1f12a69baeb6860ebaca90a8c036b1e139de1b4eb3e5783a9f479e92a493bb6f |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-4.el10_0.aarch64.rpm
|
SHA-256: da95449fdf736549930c12704a24ec4cd13ea3903d8ab28bc3f2c80abdb289c1 |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-4.el10_0.aarch64.rpm
|
SHA-256: 378112405b7ce439ac29879330bbe70ed5bc97c63eb696d33f880b5354b49b80 |
Red Hat CodeReady Linux Builder for x86_64 10
| SRPM |
| x86_64 |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-4.el10_0.x86_64.rpm
|
SHA-256: 665e6cda3cecf5a91a7408af6ac672c21ddd606cf92347d07bd9611bb43300e2 |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-4.el10_0.x86_64.rpm
|
SHA-256: 3ea92370189813a17c53a3497afda193d88090973563f5cbff06bfd86278ea01 |
|
xorg-x11-server-Xwayland-devel-24.1.5-4.el10_0.x86_64.rpm
|
SHA-256: 5fa3a9f43ad748db5cebe74cee640106f0b5308253410d3e640c64ee797a5785 |
Red Hat CodeReady Linux Builder for Power, little endian 10
| SRPM |
| ppc64le |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-4.el10_0.ppc64le.rpm
|
SHA-256: a3645d2f79677e6d772938e601eb3b3b82853eece85418465cd94be314067c97 |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-4.el10_0.ppc64le.rpm
|
SHA-256: 94d334bd19b63ceafe9267432a856e18849dee65056227ad960b636e9d80259b |
|
xorg-x11-server-Xwayland-devel-24.1.5-4.el10_0.ppc64le.rpm
|
SHA-256: c9d207d3ed659d72b394d641fcb53d65bebb5ad62c843143137f14f93fa4e45d |
Red Hat CodeReady Linux Builder for ARM 64 10
| SRPM |
| aarch64 |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-4.el10_0.aarch64.rpm
|
SHA-256: da95449fdf736549930c12704a24ec4cd13ea3903d8ab28bc3f2c80abdb289c1 |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-4.el10_0.aarch64.rpm
|
SHA-256: 378112405b7ce439ac29879330bbe70ed5bc97c63eb696d33f880b5354b49b80 |
|
xorg-x11-server-Xwayland-devel-24.1.5-4.el10_0.aarch64.rpm
|
SHA-256: b3df7490a1c4bf68d43e22adcf3cd3c8071b81dd033b53daddb42502e14004de |
Red Hat CodeReady Linux Builder for IBM z Systems 10
| SRPM |
| s390x |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-4.el10_0.s390x.rpm
|
SHA-256: bdcb1d4c9d1132940c1952f039e119fa8337ec6cbbed89348dc8201752f53c4c |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-4.el10_0.s390x.rpm
|
SHA-256: d04f4de8c5cf43b819f1af00c5fe5098d712c1689c2af72b5c2704204cb76087 |
|
xorg-x11-server-Xwayland-devel-24.1.5-4.el10_0.s390x.rpm
|
SHA-256: af84243c0682429e0ea1734ae7160da3e57367325aebf069494c1faa0902a47f |
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.0
| SRPM |
| x86_64 |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-4.el10_0.x86_64.rpm
|
SHA-256: 665e6cda3cecf5a91a7408af6ac672c21ddd606cf92347d07bd9611bb43300e2 |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-4.el10_0.x86_64.rpm
|
SHA-256: 3ea92370189813a17c53a3497afda193d88090973563f5cbff06bfd86278ea01 |
|
xorg-x11-server-Xwayland-devel-24.1.5-4.el10_0.x86_64.rpm
|
SHA-256: 5fa3a9f43ad748db5cebe74cee640106f0b5308253410d3e640c64ee797a5785 |
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.0
| SRPM |
| ppc64le |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-4.el10_0.ppc64le.rpm
|
SHA-256: a3645d2f79677e6d772938e601eb3b3b82853eece85418465cd94be314067c97 |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-4.el10_0.ppc64le.rpm
|
SHA-256: 94d334bd19b63ceafe9267432a856e18849dee65056227ad960b636e9d80259b |
|
xorg-x11-server-Xwayland-devel-24.1.5-4.el10_0.ppc64le.rpm
|
SHA-256: c9d207d3ed659d72b394d641fcb53d65bebb5ad62c843143137f14f93fa4e45d |
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.0
| SRPM |
| s390x |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-4.el10_0.s390x.rpm
|
SHA-256: bdcb1d4c9d1132940c1952f039e119fa8337ec6cbbed89348dc8201752f53c4c |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-4.el10_0.s390x.rpm
|
SHA-256: d04f4de8c5cf43b819f1af00c5fe5098d712c1689c2af72b5c2704204cb76087 |
|
xorg-x11-server-Xwayland-devel-24.1.5-4.el10_0.s390x.rpm
|
SHA-256: af84243c0682429e0ea1734ae7160da3e57367325aebf069494c1faa0902a47f |
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.0
| SRPM |
| aarch64 |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-4.el10_0.aarch64.rpm
|
SHA-256: da95449fdf736549930c12704a24ec4cd13ea3903d8ab28bc3f2c80abdb289c1 |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-4.el10_0.aarch64.rpm
|
SHA-256: 378112405b7ce439ac29879330bbe70ed5bc97c63eb696d33f880b5354b49b80 |
|
xorg-x11-server-Xwayland-devel-24.1.5-4.el10_0.aarch64.rpm
|
SHA-256: b3df7490a1c4bf68d43e22adcf3cd3c8071b81dd033b53daddb42502e14004de |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0
| SRPM |
|
xorg-x11-server-Xwayland-24.1.5-4.el10_0.src.rpm
|
SHA-256: b07c66a9d612600dea6e8a62b95021f7fe0ede6e54a1e1c91fb76e84b80cc723 |
| aarch64 |
|
xorg-x11-server-Xwayland-24.1.5-4.el10_0.aarch64.rpm
|
SHA-256: 1f12a69baeb6860ebaca90a8c036b1e139de1b4eb3e5783a9f479e92a493bb6f |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-4.el10_0.aarch64.rpm
|
SHA-256: da95449fdf736549930c12704a24ec4cd13ea3903d8ab28bc3f2c80abdb289c1 |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-4.el10_0.aarch64.rpm
|
SHA-256: 378112405b7ce439ac29879330bbe70ed5bc97c63eb696d33f880b5354b49b80 |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0
| SRPM |
|
xorg-x11-server-Xwayland-24.1.5-4.el10_0.src.rpm
|
SHA-256: b07c66a9d612600dea6e8a62b95021f7fe0ede6e54a1e1c91fb76e84b80cc723 |
| s390x |
|
xorg-x11-server-Xwayland-24.1.5-4.el10_0.s390x.rpm
|
SHA-256: e371f01d13013f04f267c5641e95a4430954892e6641b15ed7206602ca73ab63 |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-4.el10_0.s390x.rpm
|
SHA-256: bdcb1d4c9d1132940c1952f039e119fa8337ec6cbbed89348dc8201752f53c4c |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-4.el10_0.s390x.rpm
|
SHA-256: d04f4de8c5cf43b819f1af00c5fe5098d712c1689c2af72b5c2704204cb76087 |
Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0
| SRPM |
|
xorg-x11-server-Xwayland-24.1.5-4.el10_0.src.rpm
|
SHA-256: b07c66a9d612600dea6e8a62b95021f7fe0ede6e54a1e1c91fb76e84b80cc723 |
| ppc64le |
|
xorg-x11-server-Xwayland-24.1.5-4.el10_0.ppc64le.rpm
|
SHA-256: 32053e8b184a6c8818885b6c2c72222b16728267bc7c57f5d461de9461723816 |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-4.el10_0.ppc64le.rpm
|
SHA-256: a3645d2f79677e6d772938e601eb3b3b82853eece85418465cd94be314067c97 |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-4.el10_0.ppc64le.rpm
|
SHA-256: 94d334bd19b63ceafe9267432a856e18849dee65056227ad960b636e9d80259b |
Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0
| SRPM |
|
xorg-x11-server-Xwayland-24.1.5-4.el10_0.src.rpm
|
SHA-256: b07c66a9d612600dea6e8a62b95021f7fe0ede6e54a1e1c91fb76e84b80cc723 |
| x86_64 |
|
xorg-x11-server-Xwayland-24.1.5-4.el10_0.x86_64.rpm
|
SHA-256: f4780c3033dda21ebfad92d0940353f2ef4ac0e0aa306d7c7377e6533d528698 |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-4.el10_0.x86_64.rpm
|
SHA-256: 665e6cda3cecf5a91a7408af6ac672c21ddd606cf92347d07bd9611bb43300e2 |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-4.el10_0.x86_64.rpm
|
SHA-256: 3ea92370189813a17c53a3497afda193d88090973563f5cbff06bfd86278ea01 |
