Red Hat Security Advisory: xorg-x11-server-Xwayland update
Please update
AI Analysis
Technical Summary
This advisory addresses three vulnerabilities in the xorg-x11-server-Xwayland component of Red Hat Enterprise Linux 9. CVE-2025-62229 and CVE-2025-62230 are use-after-free vulnerabilities in XPresentNotify structure creation and Xkb client resource removal, respectively. CVE-2025-62231 is a value overflow in XkbSetCompatMap(). Red Hat has released updated packages (version 23.2.7-5.el9_6) to fix these issues across multiple architectures and product variants. The advisory does not provide a CVSS score but classifies the severity as moderate. No known exploits in the wild have been reported. The vendor recommends applying the update after ensuring all previous errata are applied.
Potential Impact
The vulnerabilities could lead to memory corruption issues such as use-after-free and integer overflow within the Xwayland server component, potentially causing application crashes or other unintended behavior. The advisory does not specify exploitation details or direct impact beyond these technical issues. No active exploitation is known at this time.
Mitigation Recommendations
Red Hat has provided fixed package updates for affected versions of Red Hat Enterprise Linux 9 and related variants. Users should apply these updates as per the vendor's instructions after ensuring all prior relevant errata are installed. The vendor advisory is the authoritative source for patch availability and remediation steps.
Red Hat Security Advisory: xorg-x11-server-Xwayland update
Description
Please update
Affected software
pkg:rpm/redhat/xorg-x11-server-XwaylandRun on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This advisory addresses three vulnerabilities in the xorg-x11-server-Xwayland component of Red Hat Enterprise Linux 9. CVE-2025-62229 and CVE-2025-62230 are use-after-free vulnerabilities in XPresentNotify structure creation and Xkb client resource removal, respectively. CVE-2025-62231 is a value overflow in XkbSetCompatMap(). Red Hat has released updated packages (version 23.2.7-5.el9_6) to fix these issues across multiple architectures and product variants. The advisory does not provide a CVSS score but classifies the severity as moderate. No known exploits in the wild have been reported. The vendor recommends applying the update after ensuring all previous errata are applied.
Potential Impact
The vulnerabilities could lead to memory corruption issues such as use-after-free and integer overflow within the Xwayland server component, potentially causing application crashes or other unintended behavior. The advisory does not specify exploitation details or direct impact beyond these technical issues. No active exploitation is known at this time.
Mitigation Recommendations
Red Hat has provided fixed package updates for affected versions of Red Hat Enterprise Linux 9 and related variants. Users should apply these updates as per the vendor's instructions after ensuring all prior relevant errata are installed. The vendor advisory is the authoritative source for patch availability and remediation steps.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2025:19623
- Cve Count
- 3
- Additional Cves
- ["CVE-2025-62230","CVE-2025-62231"]
- Cvss Version
- null
Threat ID: 6a3da1df4853345fc182b038
Added to database: 06/25/2026, 21:47:11 UTC
Last enriched: 06/25/2026, 22:25:32 UTC
Last updated: 07/03/2026, 08:51:22 UTC
Views: 7
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.