CVE-2025-26598 — HIGH (7.8)

Q: How severe is CVE-2025-26598?

CVE-2025-26598 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2025-26598?

Check the references section above for vendor advisories and patch information. Affected products include: Tigervnc Tigervnc, X.Org X Server, X.Org Xwayland, Redhat Enterprise Linux.

Vulnerability Description

An out-of-bounds write flaw was found in X.Org and Xwayland. The function GetBarrierDevice() searches for the pointer device based on its device ID and returns the matching value, or supposedly NULL, if no match was found. However, the code will return the last element of the list if no matching device ID is found, which can lead to out-of-bounds memory access.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Tigervnc	Tigervnc	-
X.Org	X Server	< 21.1.16
X.Org	Xwayland	< 24.1.6
Redhat	Enterprise Linux	7.0

Related Weaknesses (CWE)

CWE-787

References

https://access.redhat.com/errata/RHSA-2025:2500Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2502Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2861Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2862Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2865Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2866Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2873Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2874Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2875Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2879Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:2880Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:3976
https://access.redhat.com/errata/RHSA-2025:7163
https://access.redhat.com/errata/RHSA-2025:7165
https://access.redhat.com/errata/RHSA-2025:7458

FAQ

What is CVE-2025-26598?

CVE-2025-26598 is a vulnerability with a CVSS score of 7.8 (HIGH). An out-of-bounds write flaw was found in X.Org and Xwayland. The function GetBarrierDevice() searches for the pointer device based on its device ID and returns the matching value, or supposedly NULL, ...

How severe is CVE-2025-26598?

CVE-2025-26598 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-26598?

Check the references section above for vendor advisories and patch information. Affected products include: Tigervnc Tigervnc, X.Org X Server, X.Org Xwayland, Redhat Enterprise Linux.