Vulnerability CVE-2025-26601: Information

Description

A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger() is called. If one of the changes triggers an error, the function will return early, not adding the new sync object, possibly causing a use-after-free when the alarm eventually triggers.

Severity: HIGH (7.8)

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2025-26601

Published: Feb. 25, 2025

Modified: April 6, 2026

Error type identifier: CWE-416

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
tigervnc	sisyphus	1.16.2-alt2	1.16.2-alt2	ALT-PU-2026-8622-1	419847	Fixed
tigervnc	p11	1.16.2-alt2	1.16.2-alt2	ALT-PU-2026-8624-2	419848	Fixed
tigervnc	c10f2	1.16.2-alt2	1.16.2-alt2	ALT-PU-2026-8643-3	419936	Fixed
tigervnc	c9f2	1.16.2-alt2	1.13.1-alt2	ALT-PU-2026-8744-2	420235	Testing
xorg-server	sisyphus	21.1.16-alt1	21.1.23-alt1	ALT-PU-2025-16667-1	376103	Fixed
xorg-server	p11	21.1.16-alt1	21.1.22-alt1	ALT-PU-2025-16471-1	376131	Fixed
xorg-server	p10	1.20.14-alt15	1.20.14-alt19	ALT-PU-2025-3550-3	376143	Fixed
xorg-server	p10_e2k	1.20.14-alt15.E2K.1	1.20.14-alt19.E2K.1	ALT-PU-2025-4776-1	-	Fixed
xorg-server	c10f2	1.20.14-alt15	1.20.14-alt19	ALT-PU-2025-3653-4	376349	Fixed
xorg-xwayland	sisyphus	24.1.6-alt1	24.1.12-alt1	ALT-PU-2025-16899-1	376103	Fixed
xorg-xwayland	p11	24.1.6-alt1	24.1.10-alt1	ALT-PU-2025-16475-1	376131	Fixed
xorg-xwayland	p10	23.1.1-alt7	23.1.1-alt11	ALT-PU-2025-3552-3	376143	Fixed
xorg-xwayland	p10_e2k	23.1.1-alt9	23.1.1-alt11	ALT-PU-2025-13005-1	-	Fixed
xorg-xwayland	c10f2	23.1.1-alt7	23.1.1-alt11	ALT-PU-2025-3655-4	376349	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://access.redhat.com/errata/RHSA-2025:2500	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2502	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2861	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2862	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2865	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2866	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2873	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2874	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2875	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2879	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2880	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:3976
https://access.redhat.com/errata/RHSA-2025:7163
https://access.redhat.com/errata/RHSA-2025:7165
https://access.redhat.com/errata/RHSA-2025:7458
https://access.redhat.com/security/cve/CVE-2025-26601	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2345251	Issue Tracking
https://lists.debian.org/debian-lts-announce/2025/02/msg00036.html
https://security.netapp.com/advisory/ntap-20250516-0004/
BDU:2025-04569	BDU

Affected configurations:
1. cpe:2.3:a:tigervnc:tigervnc:-:*:*:*:*:*:*:*
  cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*
  End excluding
  21.1.16
  cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*
  End excluding
  24.1.6
  cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

Version: v26.6.1