CVE-2025-26600 is a use-after-free vulnerability affecting X.Org and Xwayland. It arises when a device is removed while frozen, but its queued events remain and are replayed after the device memory is freed, causing a use-after-free condition. This can lead to high impact on system confidentiality, integrity, and availability. The vulnerability is part of a set of related flaws addressed in recent Red Hat security advisories for TigerVNC and Xwayland components. The advisories provide updated packages for Red Hat Enterprise Linux 8 and 9 to remediate this and related vulnerabilities.

The vulnerability can cause a use-after-free condition leading to potential compromise of confidentiality, integrity, and availability of affected systems. The CVSS 3.1 base score of 7.8 reflects high severity with local attack vector, low attack complexity, and requiring low privileges but no user interaction. Exploitation could allow an attacker with local access to cause memory corruption, potentially leading to arbitrary code execution or denial of service. There are no known exploits in the wild at this time.

Official patches addressing CVE-2025-26600 are available from Red Hat as part of security updates for TigerVNC and Xwayland in Red Hat Enterprise Linux 8 and 9. Administrators should apply these updates promptly following Red Hat's guidance at https://access.redhat.com/articles/11258. The vendor advisories confirm the availability of fixes and recommend updating affected packages to remediate the vulnerability. No additional mitigation steps are indicated beyond applying the official patches.