CVE-2025-26595
Publication date 25 February 2025
Last updated 26 February 2025
Ubuntu priority
A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| xorg | 24.10 oracular |
Not affected
|
| 24.04 LTS noble |
Not affected
|
|
| 22.04 LTS jammy |
Not affected
|
|
| 20.04 LTS focal |
Not affected
|
|
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial |
Not affected
|
|
| xorg-hwe-16.04 | 24.10 oracular | Not in release |
| 24.04 LTS noble | Not in release | |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 16.04 LTS xenial |
Not affected
|
|
| xorg-hwe-18.04 | 24.10 oracular | Not in release |
| 24.04 LTS noble | Not in release | |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Not affected
|
|
| xorg-server | 24.10 oracular |
Fixed 2:21.1.13-2ubuntu1.2
|
| 24.04 LTS noble |
Fixed 2:21.1.12-1ubuntu1.2
|
|
| 22.04 LTS jammy |
Fixed 2:21.1.4-2ubuntu1.7~22.04.13
|
|
| 20.04 LTS focal |
Fixed 2:1.20.13-1ubuntu1~20.04.19
|
|
| 18.04 LTS bionic |
Needs evaluation
|
|
| 16.04 LTS xenial |
Needs evaluation
|
|
| xorg-server-hwe-16.04 | 24.10 oracular | Not in release |
| 24.04 LTS noble | Not in release | |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 16.04 LTS xenial |
Needs evaluation
|
|
| xorg-server-hwe-18.04 | 24.10 oracular | Not in release |
| 24.04 LTS noble | Not in release | |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Needs evaluation
|
|
| xwayland | 24.10 oracular |
Fixed 2:24.1.2-1ubuntu0.4
|
| 24.04 LTS noble |
Fixed 2:23.2.6-1ubuntu0.4
|
|
| 22.04 LTS jammy |
Fixed 2:22.1.1-1ubuntu0.17
|
|
| 20.04 LTS focal | Not in release |
Notes
mdeslaur
xorg server is actually the xorg-server package the xorg package only contains docs xwayland package contains parts of xorg-server
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
7.8 · High
|
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
References
Related Ubuntu Security Notices (USN)
- USN-7299-1
- X.Org X Server vulnerabilities
- 25 February 2025