CLSA-2025-1763651916
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1763651916.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLSA-2025-1763651916
- Upstream
- Published
- 2025-11-20T15:18:39Z
- Modified
- 2026-05-29T01:16:33.239786263Z
- Summary
- xorg-x11-server-Xwayland: Fix of 4 CVEs
- Details
-
- CVE-2023-1393: fix use-after-free in compositor overlay window by clearing dangling COW pointer
- CVE-2024-31080: prevent heap over-read in ProcXIGetSelectedEvents() caused by using byte-swapped length values in replies.
- CVE-2024-31081: fix buffer over-read in ProcXIPassiveGrabDevice by using correct unswapped length for replies
- CVE-2025-26600: fix use-after-free by clearing pending events when removing a frozen device
- References