Vulnerability CVE-2025-26599: Information

Description

An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect() may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow() will return a BadAlloc error without validating the window tree marked just before, which leaves the validated data partly initialized and the use of an uninitialized pointer later.

Severity: HIGH (7.8)

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2025-26599

Published: Feb. 25, 2025

Modified: April 6, 2026

Error type identifier: CWE-824

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
tigervnc	sisyphus	1.16.2-alt2	1.16.2-alt2	ALT-PU-2026-8622-1	419847	Fixed
tigervnc	p11	1.16.2-alt2	1.16.2-alt2	ALT-PU-2026-8624-2	419848	Fixed
tigervnc	c10f2	1.16.2-alt2	1.16.2-alt2	ALT-PU-2026-8643-3	419936	Fixed
tigervnc	c9f2	1.16.2-alt2	1.13.1-alt2	ALT-PU-2026-8744-2	420235	Testing
xorg-server	sisyphus	21.1.16-alt1	21.1.23-alt1	ALT-PU-2025-16667-1	376103	Fixed
xorg-server	p11	21.1.16-alt1	21.1.22-alt1	ALT-PU-2025-16471-1	376131	Fixed
xorg-server	p10	1.20.14-alt15	1.20.14-alt19	ALT-PU-2025-3550-3	376143	Fixed
xorg-server	p10_e2k	1.20.14-alt15.E2K.1	1.20.14-alt19.E2K.1	ALT-PU-2025-4776-1	-	Fixed
xorg-server	c10f2	1.20.14-alt15	1.20.14-alt19	ALT-PU-2025-3653-4	376349	Fixed
xorg-xwayland	sisyphus	24.1.6-alt1	24.1.12-alt1	ALT-PU-2025-16899-1	376103	Fixed
xorg-xwayland	p11	24.1.6-alt1	24.1.10-alt1	ALT-PU-2025-16475-1	376131	Fixed
xorg-xwayland	p10	23.1.1-alt7	23.1.1-alt11	ALT-PU-2025-3552-3	376143	Fixed
xorg-xwayland	p10_e2k	23.1.1-alt9	23.1.1-alt11	ALT-PU-2025-13005-1	-	Fixed
xorg-xwayland	c10f2	23.1.1-alt7	23.1.1-alt11	ALT-PU-2025-3655-4	376349	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://access.redhat.com/errata/RHSA-2025:2500	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2502	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2861	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2862	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2865	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2866	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2873	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2874	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2875	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2879	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2880	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:3976
https://access.redhat.com/errata/RHSA-2025:7163
https://access.redhat.com/errata/RHSA-2025:7165
https://access.redhat.com/errata/RHSA-2025:7458
https://access.redhat.com/security/cve/CVE-2025-26599	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2345253	Issue Tracking
https://lists.debian.org/debian-lts-announce/2025/02/msg00036.html
BDU:2025-04530	BDU

Affected configurations:
1. cpe:2.3:a:tigervnc:tigervnc:-:*:*:*:*:*:*:*
  cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*
  End excluding
  21.1.16
  cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*
  End excluding
  24.1.6
  cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

Version: v26.6.1