High severity7.8NVD Advisory· Published Feb 25, 2025· Updated Apr 6, 2026
CVE-2025-26595
CVE-2025-26595
Description
A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size.
Affected products
6cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
18- access.redhat.com/errata/RHSA-2025:2500nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2025:2502nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2025:2861nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2025:2862nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2025:2865nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2025:2866nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2025:2873nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2025:2874nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2025:2875nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2025:2879nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2025:2880nvdThird Party Advisory
- access.redhat.com/security/cve/CVE-2025-26595nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue Tracking
- access.redhat.com/errata/RHSA-2025:3976nvd
- access.redhat.com/errata/RHSA-2025:7163nvd
- access.redhat.com/errata/RHSA-2025:7165nvd
- access.redhat.com/errata/RHSA-2025:7458nvd
- lists.debian.org/debian-lts-announce/2025/02/msg00036.htmlnvd
News mentions
0No linked articles in our index yet.