UA-FAULT: X.Org X Server X11 Present Extension UseAfterFree (CVE202562229)
CVE-2025-62229 Published on October 30, 2025

Xorg: xmayland: use-after-free in xpresentnotify structure creation
A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Vulnerability Analysis

CVE-2025-62229 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a high impact on integrity and availability.

Attack Vector:

LOCAL

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

LOW

Integrity Impact:

HIGH

Availability Impact:

HIGH

Timeline

2025-10-09

Reported to Red Hat.

2025-10-29

Made public. 20 days later.

Weakness Type

What is a Dangling pointer Vulnerability?

Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

CVE-2025-62229 has been classified to as a Dangling pointer vulnerability or weakness.

Products Associated with CVE-2025-62229

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2025-62229 are published in these products:

Red Hat Enterprise Linux (RHEL)

Red Hat Rhel Tus

Red Hat Rhel E4s

Red Hat Rhel Aus

Red Hat Rhel Eus

Red Hat Rhel Els

Red Hat Rhel Eus Long Life

Affected Versions

X.Org Xwayland:

Version 1.15.0 and below 24.1.9 is affected.

Red Hat Enterprise Linux 10:

Version 0:24.1.5-5.el10_0 and below * is unaffected.

Red Hat Enterprise Linux 10:

Version 0:24.1.5-5.el10_1 and below * is unaffected.

Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION:

Version 0:1.1.0-25.el6_10.15 and below * is unaffected.

Red Hat Enterprise Linux 7 Extended Lifecycle Support:

Version 0:1.20.4-33.el7_9 and below * is unaffected.

Red Hat Enterprise Linux 7 Extended Lifecycle Support:

Version 0:1.8.0-36.el7_9.3 and below * is unaffected.

Red Hat Enterprise Linux 8:

Version 0:21.1.3-19.el8_10 and below * is unaffected.

Red Hat Enterprise Linux 8:

Version 0:1.20.11-27.el8_10 and below * is unaffected.

Red Hat Enterprise Linux 8:

Version 0:1.15.0-8.el8_10 and below * is unaffected.

Red Hat Enterprise Linux 8.2 Advanced Update Support:

Version 0:1.9.0-15.el8_2.15 and below * is unaffected.

Red Hat Enterprise Linux 8.2 Advanced Update Support:

Version 0:1.20.6-5.el8_2 and below * is unaffected.

Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support:

Version 0:1.11.0-8.el8_4.14 and below * is unaffected.

Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support:

Version 0:1.20.10-3.el8_4 and below * is unaffected.

Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On:

Version 0:1.11.0-8.el8_4.14 and below * is unaffected.

Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On:

Version 0:1.20.10-3.el8_4 and below * is unaffected.

Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support:

Version 0:1.12.0-6.el8_6.15 and below * is unaffected.

Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support:

Version 0:1.20.11-6.el8_6 and below * is unaffected.

Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support:

Version 0:21.1.3-2.el8_6.5 and below * is unaffected.

Red Hat Enterprise Linux 8.6 Telecommunications Update Service:

Version 0:1.12.0-6.el8_6.15 and below * is unaffected.

Red Hat Enterprise Linux 8.6 Telecommunications Update Service:

Version 0:1.20.11-6.el8_6 and below * is unaffected.

Red Hat Enterprise Linux 8.6 Telecommunications Update Service:

Version 0:21.1.3-2.el8_6.5 and below * is unaffected.

Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions:

Version 0:1.12.0-6.el8_6.15 and below * is unaffected.

Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions:

Version 0:1.20.11-6.el8_6 and below * is unaffected.

Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions:

Version 0:21.1.3-2.el8_6.5 and below * is unaffected.

Red Hat Enterprise Linux 8.8 Telecommunications Update Service:

Version 0:1.12.0-15.el8_8.16 and below * is unaffected.

Red Hat Enterprise Linux 8.8 Telecommunications Update Service:

Version 0:1.20.11-17.el8_8 and below * is unaffected.

Red Hat Enterprise Linux 8.8 Telecommunications Update Service:

Version 0:21.1.3-12.el8_8 and below * is unaffected.

Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions:

Version 0:1.12.0-15.el8_8.16 and below * is unaffected.

Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions:

Version 0:1.20.11-17.el8_8 and below * is unaffected.

Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions:

Version 0:21.1.3-12.el8_8 and below * is unaffected.

Red Hat Enterprise Linux 9:

Version 0:1.20.11-32.el9_6 and below * is unaffected.

Red Hat Enterprise Linux 9:

Version 0:1.14.1-9.el9_6 and below * is unaffected.

Red Hat Enterprise Linux 9:

Version 0:23.2.7-5.el9_6 and below * is unaffected.

Red Hat Enterprise Linux 9:

Version 0:1.15.0-6.el9_7 and below * is unaffected.

Red Hat Enterprise Linux 9:

Version 0:23.2.7-5.el9_7 and below * is unaffected.

Red Hat Enterprise Linux 9:

Version 0:1.20.11-32.el9_7 and below * is unaffected.

Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions:

Version 0:1.11.0-22.el9_0.16 and below * is unaffected.

Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions:

Version 0:1.20.11-12.el9_0 and below * is unaffected.

Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions:

Version 0:21.1.3-4.el9_0 and below * is unaffected.

Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions:

Version 0:1.12.0-14.el9_2.13 and below * is unaffected.

Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions:

Version 0:1.20.11-19.el9_2 and below * is unaffected.

Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions:

Version 0:21.1.3-9.el9_2 and below * is unaffected.

Red Hat Enterprise Linux 9.4 Extended Update Support:

Version 0:1.13.1-8.el9_4.8 and below * is unaffected.

Red Hat Enterprise Linux 9.4 Extended Update Support:

Version 0:1.20.11-27.el9_4 and below * is unaffected.

Red Hat Enterprise Linux 9.4 Extended Update Support:

Version 0:22.1.9-7.el9_4 and below * is unaffected.

Red Hat Enterprise Linux 6:

Exploit Probability

EPSS

0.01%

Percentile

0.75%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

UA-FAULT: X.Org X Server X11 Present Extension UseAfterFree (CVE202562229)CVE-2025-62229 Published on October 30, 2025

Vulnerability Analysis

Timeline

Weakness Type

What is a Dangling pointer Vulnerability?

Products Associated with CVE-2025-62229

Affected Versions

Exploit Probability

UA-FAULT: X.Org X Server X11 Present Extension UseAfterFree (CVE202562229)
CVE-2025-62229 Published on October 30, 2025