CVE-2025-49176
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-49176
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-49176.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-49176
- Downstream
- Related
- Published
- 2025-06-17T15:15:45.470Z
- Modified
- 2025-12-13T04:55:35.708070Z
- Severity
-
- 7.3 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check.
- References
-
- https://access.redhat.com/security/cve/CVE-2025-49176
- https://www.x.org/wiki/Development/Security/
- http://www.openwall.com/lists/oss-security/2025/06/18/2
- https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
- https://access.redhat.com/errata/RHSA-2025:10258
- https://access.redhat.com/errata/RHSA-2025:10342
- https://access.redhat.com/errata/RHSA-2025:10343
- https://access.redhat.com/errata/RHSA-2025:10344
- https://access.redhat.com/errata/RHSA-2025:10346
- https://access.redhat.com/errata/RHSA-2025:10347
- https://access.redhat.com/errata/RHSA-2025:10348
- https://access.redhat.com/errata/RHSA-2025:10349
- https://access.redhat.com/errata/RHSA-2025:10350
- https://access.redhat.com/errata/RHSA-2025:10351
- https://access.redhat.com/errata/RHSA-2025:10352
- https://access.redhat.com/errata/RHSA-2025:10355
- https://access.redhat.com/errata/RHSA-2025:10356
- https://access.redhat.com/errata/RHSA-2025:10360
- https://access.redhat.com/errata/RHSA-2025:10370
- https://access.redhat.com/errata/RHSA-2025:10374
- https://access.redhat.com/errata/RHSA-2025:10375
- https://access.redhat.com/errata/RHSA-2025:10376
- https://access.redhat.com/errata/RHSA-2025:10377
- https://access.redhat.com/errata/RHSA-2025:10378
- https://access.redhat.com/errata/RHSA-2025:10381
- https://access.redhat.com/errata/RHSA-2025:10410
- https://access.redhat.com/errata/RHSA-2025:9303
- https://access.redhat.com/errata/RHSA-2025:9304
- https://access.redhat.com/errata/RHSA-2025:9305
- https://access.redhat.com/errata/RHSA-2025:9306
- https://access.redhat.com/errata/RHSA-2025:9392
- https://access.redhat.com/errata/RHSA-2025:9964
- https://bugzilla.redhat.com/show_bug.cgi?id=2369954
- https://gitlab.freedesktop.org/xorg/xserver/-/commit/03731b326a80b582e48d939fe62cb1e2b10400d9
- https://gitlab.freedesktop.org/xorg/xserver/-/commit/4fc4d76b2c7aaed61ed2653f997783a3714c4fe1
Affected packages
Git / gitlab.freedesktop.org/xorg/xserver
Affected ranges
- Type
- GIT
- Repo
- https://gitlab.freedesktop.org/xorg/xserver
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixed
Affected versions
Other
DAMAGE-XFIXES-BASE
DRI-XFree86-4_3_99_12-merge
DRI-trunk-20040613
DRI-trunk-20040721
DRM-1_0_5
DRM-20040613
DRM-20040721
DRM-20050615
DRM-20051017
DRM-2_0_0
Domain-base
Domain-sync1
Domain-sync2
Domain-sync3
Domain-sync4
MODULAR_COPY
PRE_xf86-4_3_0_1
XACE-SELINUX-BASE
XACE-SELINUX-MERGE
XEVIE-BASE
XEVIE-MERGE
XORG-6_7_99_1
XORG-6_7_99_2
XORG-6_7_99_901
XORG-6_7_99_902
XORG-6_7_99_903
XORG-6_7_99_904
XORG-6_8_0
XORG-6_8_99_1
XORG-6_8_99_10
XORG-6_8_99_11
XORG-6_8_99_12
XORG-6_8_99_13
XORG-6_8_99_14
XORG-6_8_99_15
XORG-6_8_99_16
XORG-6_8_99_2
XORG-6_8_99_3
XORG-6_8_99_4
XORG-6_8_99_5
XORG-6_8_99_6
XORG-6_8_99_7
XORG-6_8_99_8
XORG-6_8_99_9
XORG-6_8_99_900
XORG-6_8_99_901
XORG-6_8_99_902
XORG-6_8_99_903
XORG-6_99_99_900
XORG-6_99_99_901
XORG-6_99_99_902
XORG-6_99_99_903
XORG-6_99_99_904
XORG-7_0
XORG-7_0_99_901
XORG-CURRENT-CLOSED
XORG-CURRENT-premerge-release-1
XORG-MAIN
XORG-RELEASE-1-BASE
add-Xi
ah-20021030
ah-20021030-postdri
before-mesa-4_0-import
before_20040421_xprint_branch_landing
dhd-20010328
dhd-20010817
dhd-20020916
dri-0-1-branchpoint
dri-20020129-merge
dri-20020222-merge
kdrive-initial-import
keithp
lg3d-base
pre-R651-import
pre-xgldrop-merge
sco_port_update-base
xf-3_9_16Z
xf-3_9_16Za
xf-3_9_16d
xf-3_9_16e
xf-3_9_16f
xf-3_9_17
xf-3_9_17Z
xf-3_9_17a
xf-3_9_17b
xf-3_9_17c
xf-3_9_17d
xf-3_9_17e
xf-3_9_17f
xf-3_9_18
xf-3_9_18Z
xf-3_9_18Za
xf-3_9_18a
xf-3_9_18b
xf-4_0
xf-4_0-bindist
xf-4_0Z
xf-4_0_1
xf-4_0_1-bindist
xf-4_0_1Z
xf-4_0_1Za
xf-4_0_1Zb
xf-4_0_1Zc
xf-4_0_1a
xf-4_0_1b
xf-4_0_1c
xf-4_0_1d
xf-4_0_1e
xf-4_0_1f
xf-4_0_1g
xf-4_0_1h
xf-4_0_2
xf-4_0_2-bindist
xf-4_0_99_1
xf-4_0_99_2
xf-4_0_99_3
xf-4_0_99_900
xf-4_0a
xf-4_0b
xf-4_0c
xf-4_0d
xf-4_0e
xf-4_0f
xf-4_0g
xf-4_1_99_1
xf-4_1_99_2
xf-4_1_99_3
xf-4_1_99_4
xf-4_1_99_5
xf-4_1_99_6
xf-4_1_99_7
xf-4_2-bp
xf-4_2_0
xf-4_2_0-bindist
xf-4_2_0-bindist-1
xf-4_2_0_1
xf-4_2_1
xf-4_2_1_1
xf-4_2_99_1
xf-4_2_99_2
xf-4_2_99_3
xf-4_2_99_4
xf-4_2_99_901
xf-4_2_99_902
xf-4_3_0
xf-4_3_0_1
xf-4_3_99_1
xf-4_3_99_2
xf-4_3_99_3
xf-4_3_99_4
xf-4_3_99_5
xf-4_3_99_6
xf86-012804-2330
xf86-4_3_0_1
xf86-4_3_99_16
xf86-4_3_99_901
xf86-4_3_99_902
xf86-4_3_99_903
xf86-4_3_99_903_special
xf86-4_4_0
xf86-4_4_99_1
xfixes_2_branchpoint
xorg-server-0_99_1
xorg-server-1_0_99_1
xorg-server-1_0_99_2
xorg-server-1_0_99_901
xorg-server-1_1_99_1
xorg-server-1_1_99_2
xorg-server-1.*
xorg-server-1.1.99.3
xorg-server-1.10.0
xorg-server-1.10.99.901
xorg-server-1.10.99.902
xorg-server-1.11.0
xorg-server-1.11.99.1
xorg-server-1.11.99.2
xorg-server-1.11.99.901
xorg-server-1.11.99.902
xorg-server-1.11.99.903
xorg-server-1.12.0
xorg-server-1.12.99.901
xorg-server-1.12.99.902
xorg-server-1.12.99.903
xorg-server-1.12.99.904
xorg-server-1.12.99.905
xorg-server-1.13.0
xorg-server-1.13.99.901
xorg-server-1.13.99.902
xorg-server-1.14.0
xorg-server-1.14.99.1
xorg-server-1.14.99.2
xorg-server-1.14.99.3
xorg-server-1.14.99.901
xorg-server-1.14.99.902
xorg-server-1.14.99.903
xorg-server-1.14.99.904
xorg-server-1.14.99.905
xorg-server-1.15.0
xorg-server-1.15.99.901
xorg-server-1.15.99.902
xorg-server-1.15.99.903
xorg-server-1.15.99.904
xorg-server-1.16.0
xorg-server-1.16.99.901
xorg-server-1.16.99.902
xorg-server-1.17.0
xorg-server-1.17.99.901
xorg-server-1.17.99.902
xorg-server-1.18.0
xorg-server-1.18.99.2
xorg-server-1.18.99.901
xorg-server-1.18.99.902
xorg-server-1.19.0
xorg-server-1.19.99.901
xorg-server-1.19.99.902
xorg-server-1.19.99.903
xorg-server-1.19.99.904
xorg-server-1.19.99.905
xorg-server-1.2.99.0
xorg-server-1.20.0
xorg-server-1.3.99.0
xorg-server-1.5.99.1
xorg-server-1.6.99.900
xorg-server-1.6.99.901
xorg-server-1.7.99.1
xorg-server-1.7.99.2
xorg-server-1.7.99.901
xorg-server-1.7.99.902
xorg-server-1.8.0
xorg-server-1.8.99.901
xorg-server-1.8.99.902
xorg-server-1.8.99.903
xorg-server-1.8.99.904
xorg-server-1.8.99.905
xorg-server-1.8.99.906
xorg-server-1.9.0
xorg-server-1.9.99.901
xorg-server-1.9.99.902
xorg-server-1.9.99.903
xorg-server-21.*
xorg-server-21.0.99.1
Database specific
vanir_signatures
[
{
"target": {
"file": "os/io.c"
},
"signature_type": "Line",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2025-49176-0572e8ee",
"digest": {
"line_hashes": [
"182823786977098366409302217333530673582",
"154810191870794324451644192573801968863",
"83435841226977355685695316489169373565",
"209207204629355008092238394252748886875"
],
"threshold": 0.9
},
"source": "https://gitlab.freedesktop.org/xorg/xserver@4fc4d76b2c7aaed61ed2653f997783a3714c4fe1"
},
{
"target": {
"file": "dix/dispatch.c",
"function": "Dispatch"
},
"signature_type": "Function",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2025-49176-aa53b15f",
"digest": {
"length": 2118.0,
"function_hash": "328109495847255595650219015738438849915"
},
"source": "https://gitlab.freedesktop.org/xorg/xserver@03731b326a80b582e48d939fe62cb1e2b10400d9"
},
{
"target": {
"file": "os/io.c",
"function": "ReadRequestFromClient"
},
"signature_type": "Function",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2025-49176-b8bdb675",
"digest": {
"length": 3794.0,
"function_hash": "217573844927959234738091807636518696754"
},
"source": "https://gitlab.freedesktop.org/xorg/xserver@03731b326a80b582e48d939fe62cb1e2b10400d9"
},
{
"target": {
"file": "dix/dispatch.c"
},
"signature_type": "Line",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2025-49176-bb5832f3",
"digest": {
"line_hashes": [
"260268468008611515605791872528279353818",
"250608516570822694179727438468199714373",
"106456428700134498356074038584166000270",
"334726189835841312798232709627874587809",
"269332110073221313721547480569263021199",
"233984613560325487700579174381649087165",
"286877403121508028132509870409499941902",
"227612271064329235077479141912679517449",
"120750059293185455383180475856724524960",
"229918960012081093482456313312807301004"
],
"threshold": 0.9
},
"source": "https://gitlab.freedesktop.org/xorg/xserver@03731b326a80b582e48d939fe62cb1e2b10400d9"
},
{
"target": {
"file": "os/io.c",
"function": "ReadRequestFromClient"
},
"signature_type": "Function",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2025-49176-fbb2c757",
"digest": {
"length": 3872.0,
"function_hash": "242135676191389341347988503566702609595"
},
"source": "https://gitlab.freedesktop.org/xorg/xserver@4fc4d76b2c7aaed61ed2653f997783a3714c4fe1"
}
]