CVE-2025-26601
CVE-2025-26601
Título es
CVE-2025-26601
Mar, 25/02/2025 – 16:15
Tipo
CWE-416
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2025-26601
Descripción en
A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger() is called. If one of the changes triggers an error, the function will return early, not adding the new sync object, possibly causing a use-after-free when the alarm eventually triggers.
25/02/2025
25/02/2025
Vector CVSS:3.1
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Gravedad 3.1 (CVSS 3.1 Base Score)
7.80
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
HIGH
Referencias
https://access.redhat.com/security/cve/CVE-2025-26601
https://bugzilla.redhat.com/show_bug.cgi?id=2345251
Enviar en el boletín
Off
