Security update for xorg-x11-server SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:0733-1 Final 1 1 2025-02-26T14:32:04Z current 2025-02-26T14:32:04Z 2025-02-26T14:32:04Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for xorg-x11-server This update for xorg-x11-server fixes the following issues: - CVE-2025-26594: Use-after-free of the root cursor (bsc#1237427). - CVE-2025-26595: Buffer overflow in XkbVModMaskText() (bsc#1237429). - CVE-2025-26596: Heap overflow in XkbWriteKeySyms() (bsc#1237430). - CVE-2025-26597: Buffer overflow in XkbChangeTypesOfKey() (bsc#1237431). - CVE-2025-26598: Out-of-bounds write in CreatePointerBarrierClient() (bsc#1237432). - CVE-2025-26599: Use of uninitialized pointer in compRedirectWindow() (bsc#1237433). - CVE-2025-26600: Use-after-free in PlayReleasedEvents() (bsc#1237434). - CVE-2025-26601: Use-after-free in SyncInitTrigger() (bsc#1237435). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2025-733,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-733,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-733,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-733,SUSE-SLE-Product-WE-15-SP6-2025-733,SUSE-Storage-7.1-2025-733 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-20250733-1/ Link for SUSE-SU-2025:0733-1 https://lists.suse.com/pipermail/sle-security-updates/2025-February/020438.html E-Mail link for SUSE-SU-2025:0733-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1237427 SUSE Bug 1237427 https://bugzilla.suse.com/1237429 SUSE Bug 1237429 https://bugzilla.suse.com/1237430 SUSE Bug 1237430 https://bugzilla.suse.com/1237431 SUSE Bug 1237431 https://bugzilla.suse.com/1237432 SUSE Bug 1237432 https://bugzilla.suse.com/1237433 SUSE Bug 1237433 https://bugzilla.suse.com/1237434 SUSE Bug 1237434 https://bugzilla.suse.com/1237435 SUSE Bug 1237435 https://www.suse.com/security/cve/CVE-2025-26594/ SUSE CVE CVE-2025-26594 page https://www.suse.com/security/cve/CVE-2025-26595/ SUSE CVE CVE-2025-26595 page https://www.suse.com/security/cve/CVE-2025-26596/ SUSE CVE CVE-2025-26596 page https://www.suse.com/security/cve/CVE-2025-26597/ SUSE CVE CVE-2025-26597 page https://www.suse.com/security/cve/CVE-2025-26598/ SUSE CVE CVE-2025-26598 page https://www.suse.com/security/cve/CVE-2025-26599/ SUSE CVE CVE-2025-26599 page https://www.suse.com/security/cve/CVE-2025-26600/ SUSE CVE CVE-2025-26600 page https://www.suse.com/security/cve/CVE-2025-26601/ SUSE CVE CVE-2025-26601 page SUSE Enterprise Storage 7.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS SUSE Linux Enterprise Server 15 SP3-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Workstation Extension 15 SP6 xorg-x11-server-1.20.3-150200.22.5.102.1 xorg-x11-server-extra-1.20.3-150200.22.5.102.1 xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 xorg-x11-server-source-1.20.3-150200.22.5.102.1 xorg-x11-server-wayland-1.20.3-150200.22.5.102.1 xorg-x11-server-1.20.3-150200.22.5.102.1 as a component of SUSE Enterprise Storage 7.1 xorg-x11-server-extra-1.20.3-150200.22.5.102.1 as a component of SUSE Enterprise Storage 7.1 xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 as a component of SUSE Enterprise Storage 7.1 xorg-x11-server-1.20.3-150200.22.5.102.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS xorg-x11-server-extra-1.20.3-150200.22.5.102.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS xorg-x11-server-1.20.3-150200.22.5.102.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS xorg-x11-server-extra-1.20.3-150200.22.5.102.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS xorg-x11-server-1.20.3-150200.22.5.102.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 xorg-x11-server-extra-1.20.3-150200.22.5.102.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 xorg-x11-server-wayland-1.20.3-150200.22.5.102.1 as a component of SUSE Linux Enterprise Workstation Extension 15 SP6 A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free. CVE-2025-26594 SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Workstation Extension 15 SP6:xorg-x11-server-wayland-1.20.3-150200.22.5.102.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250733-1/ https://www.suse.com/security/cve/CVE-2025-26594.html CVE-2025-26594 https://bugzilla.suse.com/1237427 SUSE Bug 1237427 A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size. CVE-2025-26595 SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Workstation Extension 15 SP6:xorg-x11-server-wayland-1.20.3-150200.22.5.102.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250733-1/ https://www.suse.com/security/cve/CVE-2025-26595.html CVE-2025-26595 https://bugzilla.suse.com/1237429 SUSE Bug 1237429 A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms() differs from what is written in XkbWriteKeySyms(), which may lead to a heap-based buffer overflow. CVE-2025-26596 SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Workstation Extension 15 SP6:xorg-x11-server-wayland-1.20.3-150200.22.5.102.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250733-1/ https://www.suse.com/security/cve/CVE-2025-26596.html CVE-2025-26596 https://bugzilla.suse.com/1237430 SUSE Bug 1237430 A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because the key actions are of the wrong size. CVE-2025-26597 SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Workstation Extension 15 SP6:xorg-x11-server-wayland-1.20.3-150200.22.5.102.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250733-1/ https://www.suse.com/security/cve/CVE-2025-26597.html CVE-2025-26597 https://bugzilla.suse.com/1237431 SUSE Bug 1237431 An out-of-bounds write flaw was found in X.Org and Xwayland. The function GetBarrierDevice() searches for the pointer device based on its device ID and returns the matching value, or supposedly NULL, if no match was found. However, the code will return the last element of the list if no matching device ID is found, which can lead to out-of-bounds memory access. CVE-2025-26598 SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Workstation Extension 15 SP6:xorg-x11-server-wayland-1.20.3-150200.22.5.102.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250733-1/ https://www.suse.com/security/cve/CVE-2025-26598.html CVE-2025-26598 https://bugzilla.suse.com/1237432 SUSE Bug 1237432 An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect() may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow() will return a BadAlloc error without validating the window tree marked just before, which leaves the validated data partly initialized and the use of an uninitialized pointer later. CVE-2025-26599 SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Workstation Extension 15 SP6:xorg-x11-server-wayland-1.20.3-150200.22.5.102.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250733-1/ https://www.suse.com/security/cve/CVE-2025-26599.html CVE-2025-26599 https://bugzilla.suse.com/1237433 SUSE Bug 1237433 A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still frozen, the events queued for that device remain while the device is freed. Replaying the events will cause a use-after-free. CVE-2025-26600 SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Workstation Extension 15 SP6:xorg-x11-server-wayland-1.20.3-150200.22.5.102.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250733-1/ https://www.suse.com/security/cve/CVE-2025-26600.html CVE-2025-26600 https://bugzilla.suse.com/1237434 SUSE Bug 1237434 A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger() is called. If one of the changes triggers an error, the function will return early, not adding the new sync object, possibly causing a use-after-free when the alarm eventually triggers. CVE-2025-26601 SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.102.1 SUSE Linux Enterprise Workstation Extension 15 SP6:xorg-x11-server-wayland-1.20.3-150200.22.5.102.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250733-1/ https://www.suse.com/security/cve/CVE-2025-26601.html CVE-2025-26601 https://bugzilla.suse.com/1237435 SUSE Bug 1237435