CLSA-2025-1764027165

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1764027165.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2025-1764027165
Upstream
Published
2025-11-24T23:32:50Z
Modified
2026-06-01T00:31:20.697723328Z
Summary
xorg-x11-server-Xwayland: Fix of 3 CVEs
Details
  • CVE-2024-21886: fix heap overflow caused by incorrect DisableDevice() recursion
  • CVE-2024-31083: fix use-after-free caused by incorrect glyph reuse handling
  • CVE-2023-5367: fix out-of-bounds write in property append/prepend handling
References

Affected packages

TuxCare:AlmaLinux:9.2 / xorg-x11-server-Xwayland

Package

Name
xorg-x11-server-Xwayland
Purl
pkg:rpm/tuxcare/xorg-x11-server-Xwayland?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
21.1.3-7.el9.tuxcare.els11

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1764027165.json"

TuxCare:AlmaLinux:9.2 / xorg-x11-server-Xwayland-devel

Package

Name
xorg-x11-server-Xwayland-devel
Purl
pkg:rpm/tuxcare/xorg-x11-server-Xwayland-devel?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
21.1.3-7.el9.tuxcare.els11

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1764027165.json"