OESA-2026-2143

See a problem?
Please try reporting it to the source first.

Source

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2026-2143

Import Source

https://repo.openeuler.org/security/data/osv/OESA-2026-2143.json

JSON Data

https://api.osv.dev/v1/vulns/OESA-2026-2143

Upstream

CVE-2025-49176

Published

2026-05-03T09:55:56Z

Modified

2026-05-03T10:17:45.859403Z

Summary

xorg-x11-server-xwayland security update

Details

Xwayland is an X server for running X clients under Wayland. %package devel Summary: Development package Requires: pkgconfig %description devel The development package provides the developmental files which are necessary for developing Wayland compositors using Xwayland. %prep %autosetup -n xwayland- -p1 %build %meson \ -Dxwaylandeglstream=true \ -Ddefaultfontpath="catalogue:/etc/X11/fontpath.d,built-ins" \ -Dbuilderstring="Build ID: -" \ -Dxkboutputdir=/lib/xkb \ -Dxcsecurity=true \ -Dglamor=true \ -Ddri3=true %meson_build

Security Fix(es):

A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check.(CVE-2025-49176)

Database specific

{
    "severity": "High"
}

References

Affected packages

openEuler:22.03-LTS-SP4 / xorg-x11-server-xwayland

Package

Name: xorg-x11-server-xwayland
Purl: pkg:rpm/openEuler/xorg-x11-server-xwayland&distro=openEuler-22.03-LTS-SP4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

xorg-x11-server-Xwayland-22.1.2-10.oe2203sp4

Ecosystem specific

{
    "aarch64": [
        "xorg-x11-server-Xwayland-22.1.2-10.oe2203sp4.aarch64.rpm",
        "xorg-x11-server-Xwayland-debuginfo-22.1.2-10.oe2203sp4.aarch64.rpm",
        "xorg-x11-server-Xwayland-debugsource-22.1.2-10.oe2203sp4.aarch64.rpm",
        "xorg-x11-server-Xwayland-devel-22.1.2-10.oe2203sp4.aarch64.rpm"
    ],
    "src": [
        "xorg-x11-server-Xwayland-22.1.2-10.oe2203sp4.src.rpm"
    ],
    "x86_64": [
        "xorg-x11-server-Xwayland-22.1.2-10.oe2203sp4.x86_64.rpm",
        "xorg-x11-server-Xwayland-debuginfo-22.1.2-10.oe2203sp4.x86_64.rpm",
        "xorg-x11-server-Xwayland-debugsource-22.1.2-10.oe2203sp4.x86_64.rpm",
        "xorg-x11-server-Xwayland-devel-22.1.2-10.oe2203sp4.x86_64.rpm"
    ]
}

Database specific

source

"https://repo.openeuler.org/security/data/osv/OESA-2026-2143.json"