CVE-2025-49178

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-49178
A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://access.redhat.com/errata/RHSA-2025:9303
https://access.redhat.com/errata/RHSA-2025:9304
https://access.redhat.com/errata/RHSA-2025:9305
https://access.redhat.com/errata/RHSA-2025:9306
https://access.redhat.com/security/cve/CVE-2025-49178
https://bugzilla.redhat.com/show_bug.cgi?id=2369977
Configurations

No configuration.

History

23 Jun 2025, 07:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2025:9303 -
  • () https://access.redhat.com/errata/RHSA-2025:9304 -
  • () https://access.redhat.com/errata/RHSA-2025:9305 -
  • () https://access.redhat.com/errata/RHSA-2025:9306 -
Summary
  • (es) Se encontró una falla en el manejo de solicitudes del servidor X. Los "bytes a ignorar" distintos de cero en la solicitud de un cliente pueden provocar que el servidor omita el procesamiento de la solicitud de otro cliente, lo que puede conducir a una denegación de servicio.
References
  • () https://access.redhat.com/errata/RHSA-2025:9303 -
  • () https://access.redhat.com/errata/RHSA-2025:9304 -
  • () https://access.redhat.com/errata/RHSA-2025:9305 -
  • () https://access.redhat.com/errata/RHSA-2025:9306 -

17 Jun 2025, 20:50

Type Values Removed Values Added
References
  • {'url': 'https://access.redhat.com/errata/RHSA-2025:9303', 'source': 'secalert@redhat.com'}
  • {'url': 'https://access.redhat.com/errata/RHSA-2025:9304', 'source': 'secalert@redhat.com'}
  • {'url': 'https://access.redhat.com/errata/RHSA-2025:9305', 'source': 'secalert@redhat.com'}
  • {'url': 'https://access.redhat.com/errata/RHSA-2025:9306', 'source': 'secalert@redhat.com'}

17 Jun 2025, 15:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-06-17 15:15

Updated : 2025-06-23 07:15

NVD link : CVE-2025-49178

Mitre link : CVE-2025-49178

CVE.ORG link : CVE-2025-49178

JSON object : View

Products Affected

No product.

CWE
CWE-667

Improper Locking