X.Org X Server Xkb Extension Use-After-Free on Client Cleanup
CVE-2025-62230 Published on October 30, 2025

Xorg: xwayland: use-after-free in xkb client resource removal
A flaw was discovered in the X.Org X servers X Keyboard (Xkb) extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected clients disconnect.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Vulnerability Analysis

CVE-2025-62230 is exploitable with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity, and a high impact on availability.

Attack Vector:

LOCAL

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

LOW

Availability Impact:

HIGH

Timeline

2025-10-09

Reported to Red Hat.

2025-10-29

Made public. 20 days later.

Weakness Type

What is a Dangling pointer Vulnerability?

Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

CVE-2025-62230 has been classified to as a Dangling pointer vulnerability or weakness.

Products Associated with CVE-2025-62230

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2025-62230 are published in these products:

Red Hat Enterprise Linux (RHEL)

Xorg Server

Red Hat Rhel Tus

Red Hat Rhel E4s

Red Hat Rhel Aus

Red Hat Rhel Eus

Red Hat Rhel Els

Red Hat Rhel Eus Long Life

Affected Versions

X.Org Xwayland:

Before 24.1.9 is affected.

Red Hat Enterprise Linux 10:

Version 0:24.1.5-5.el10_0 and below * is unaffected.

Red Hat Enterprise Linux 10:

Version 0:24.1.5-5.el10_1 and below * is unaffected.

Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION:

Version 0:1.1.0-25.el6_10.15 and below * is unaffected.

Red Hat Enterprise Linux 7 Extended Lifecycle Support:

Version 0:1.20.4-33.el7_9 and below * is unaffected.

Red Hat Enterprise Linux 7 Extended Lifecycle Support:

Version 0:1.8.0-36.el7_9.3 and below * is unaffected.

Red Hat Enterprise Linux 8:

Version 0:21.1.3-19.el8_10 and below * is unaffected.

Red Hat Enterprise Linux 8:

Version 0:1.20.11-27.el8_10 and below * is unaffected.

Red Hat Enterprise Linux 8:

Version 0:1.15.0-8.el8_10 and below * is unaffected.

Red Hat Enterprise Linux 8.2 Advanced Update Support:

Version 0:1.9.0-15.el8_2.15 and below * is unaffected.

Red Hat Enterprise Linux 8.2 Advanced Update Support:

Version 0:1.20.6-5.el8_2 and below * is unaffected.

Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support:

Version 0:1.11.0-8.el8_4.14 and below * is unaffected.

Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support:

Version 0:1.20.10-3.el8_4 and below * is unaffected.

Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On:

Version 0:1.11.0-8.el8_4.14 and below * is unaffected.

Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On:

Version 0:1.20.10-3.el8_4 and below * is unaffected.

Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support:

Version 0:1.12.0-6.el8_6.15 and below * is unaffected.

Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support:

Version 0:1.20.11-6.el8_6 and below * is unaffected.

Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support:

Version 0:21.1.3-2.el8_6.5 and below * is unaffected.

Red Hat Enterprise Linux 8.6 Telecommunications Update Service:

Version 0:1.12.0-6.el8_6.15 and below * is unaffected.

Red Hat Enterprise Linux 8.6 Telecommunications Update Service:

Version 0:1.20.11-6.el8_6 and below * is unaffected.

Red Hat Enterprise Linux 8.6 Telecommunications Update Service:

Version 0:21.1.3-2.el8_6.5 and below * is unaffected.

Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions:

Version 0:1.12.0-6.el8_6.15 and below * is unaffected.

Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions:

Version 0:1.20.11-6.el8_6 and below * is unaffected.

Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions:

Version 0:21.1.3-2.el8_6.5 and below * is unaffected.

Red Hat Enterprise Linux 8.8 Telecommunications Update Service:

Version 0:1.12.0-15.el8_8.16 and below * is unaffected.

Red Hat Enterprise Linux 8.8 Telecommunications Update Service:

Version 0:1.20.11-17.el8_8 and below * is unaffected.

Red Hat Enterprise Linux 8.8 Telecommunications Update Service:

Version 0:21.1.3-12.el8_8 and below * is unaffected.

Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions:

Version 0:1.12.0-15.el8_8.16 and below * is unaffected.

Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions:

Version 0:1.20.11-17.el8_8 and below * is unaffected.

Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions:

Version 0:21.1.3-12.el8_8 and below * is unaffected.

Red Hat Enterprise Linux 9:

Version 0:1.20.11-32.el9_6 and below * is unaffected.

Red Hat Enterprise Linux 9:

Version 0:1.14.1-9.el9_6 and below * is unaffected.

Red Hat Enterprise Linux 9:

Version 0:23.2.7-5.el9_6 and below * is unaffected.

Red Hat Enterprise Linux 9:

Version 0:1.15.0-6.el9_7 and below * is unaffected.

Red Hat Enterprise Linux 9:

Version 0:23.2.7-5.el9_7 and below * is unaffected.

Red Hat Enterprise Linux 9:

Version 0:1.20.11-32.el9_7 and below * is unaffected.

Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions:

Version 0:1.11.0-22.el9_0.16 and below * is unaffected.

Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions:

Version 0:1.20.11-12.el9_0 and below * is unaffected.

Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions:

Version 0:21.1.3-4.el9_0 and below * is unaffected.

Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions:

Version 0:1.12.0-14.el9_2.13 and below * is unaffected.

Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions:

Version 0:1.20.11-19.el9_2 and below * is unaffected.

Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions:

Version 0:21.1.3-9.el9_2 and below * is unaffected.

Red Hat Enterprise Linux 9.4 Extended Update Support:

Version 0:1.13.1-8.el9_4.8 and below * is unaffected.

Red Hat Enterprise Linux 9.4 Extended Update Support:

Version 0:1.20.11-27.el9_4 and below * is unaffected.

Red Hat Enterprise Linux 9.4 Extended Update Support:

Version 0:22.1.9-7.el9_4 and below * is unaffected.

Red Hat Enterprise Linux 6:

Exploit Probability

EPSS

0.01%

Percentile

1.14%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

X.Org X Server Xkb Extension Use-After-Free on Client CleanupCVE-2025-62230 Published on October 30, 2025

Vulnerability Analysis

Timeline

Weakness Type

What is a Dangling pointer Vulnerability?

Products Associated with CVE-2025-62230

Affected Versions

Exploit Probability

X.Org X Server Xkb Extension Use-After-Free on Client Cleanup
CVE-2025-62230 Published on October 30, 2025