SUSE-SU-2025:01981-1
- Source
- https://www.suse.com/support/update/announcement/2025/suse-su-202501981-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:01981-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2025:01981-1
- Related
- Published
- 2025-06-17T15:30:54Z
- Modified
- 2025-06-18T12:59:27.342167Z
- Upstream
- Summary
- Security update for xorg-x11-server
- Details
-
This update for xorg-x11-server fixes the following issues:
- CVE-2025-49175: Out-of-bounds access in X Rendering extension (Animated cursors) (bsc#1244082).
- CVE-2025-49176: Integer overflow in Big Requests Extension (bsc#1244084).
- CVE-2025-49177: Data leak in XFIXES Extension 6 (XFixesSetClientDisconnectMode) (bsc#1244085).
- CVE-2025-49178: Unprocessed client request via bytes to ignore (bsc#1244087).
- CVE-2025-49179: Integer overflow in X Record extension (bsc#1244089).
- CVE-2025-49180: Integer overflow in RandR extension (RRChangeProviderProperty) (bsc#1244090).
- References
-
- https://www.suse.com/support/update/announcement/2025/suse-su-202501981-1/
- https://bugzilla.suse.com/1244082
- https://bugzilla.suse.com/1244084
- https://bugzilla.suse.com/1244085
- https://bugzilla.suse.com/1244087
- https://bugzilla.suse.com/1244089
- https://bugzilla.suse.com/1244090
- https://www.suse.com/security/cve/CVE-2025-49175
- https://www.suse.com/security/cve/CVE-2025-49176
- https://www.suse.com/security/cve/CVE-2025-49177
- https://www.suse.com/security/cve/CVE-2025-49178
- https://www.suse.com/security/cve/CVE-2025-49179
- https://www.suse.com/security/cve/CVE-2025-49180
Affected packages
SUSE:Linux Enterprise Module for Basesystem 15 SP7 / xorg-x11-server
Package
- Name
- xorg-x11-server
- Purl
- pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7