目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1000 CNY

100.0%
コーヒーを一杯おごる

CVE-2025-62230— Red Hat Enterprise Linux 资源管理错误漏洞

CVSS 7.3 · High EPSS 0.01% · P2
新しい脆弱性情報の通知を購読するログインして購読

I. CVE-2025-62230の基本情報

脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗

高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。

脆弱性タイトル
Xorg: xwayland: use-after-free in xkb client resource removal
ソース: NVD (National Vulnerability Database)
脆弱性説明
A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected clients disconnect.
ソース: NVD (National Vulnerability Database)
CVSS情報
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
释放后使用
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Red Hat Enterprise Linux 资源管理错误漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Red Hat Enterprise Linux是美国红帽(Red Hat)公司的面向企业用户的Linux操作系统。 Red Hat Enterprise Linux存在资源管理错误漏洞,该漏洞源于清理客户端资源时释放了某些数据结构而未正确分离相关资源,可能导致释放后重用和内存损坏。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)

影響を受ける製品

ベンダープロダクト影響を受けるバージョンCPE購読
X.OrgXwayland 0 ~ 24.1.9 -
Red HatRed Hat Enterprise Linux 10 0:24.1.5-5.el10_0 ~ * cpe:/o:redhat:enterprise_linux:10.0
Red HatRed Hat Enterprise Linux 10 0:24.1.5-5.el10_1 ~ * cpe:/o:redhat:enterprise_linux:10.1
Red HatRed Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION 0:1.1.0-25.el6_10.15 ~ * cpe:/o:redhat:rhel_els:6
Red HatRed Hat Enterprise Linux 7 Extended Lifecycle Support 0:1.20.4-33.el7_9 ~ * cpe:/o:redhat:rhel_els:7
Red HatRed Hat Enterprise Linux 7 Extended Lifecycle Support 0:1.8.0-36.el7_9.3 ~ * cpe:/o:redhat:rhel_els:7
Red HatRed Hat Enterprise Linux 8 0:21.1.3-19.el8_10 ~ * cpe:/a:redhat:enterprise_linux:8::appstream
Red HatRed Hat Enterprise Linux 8 0:1.20.11-27.el8_10 ~ * cpe:/a:redhat:enterprise_linux:8::appstream
Red HatRed Hat Enterprise Linux 8 0:1.15.0-8.el8_10 ~ * cpe:/a:redhat:enterprise_linux:8::appstream
Red HatRed Hat Enterprise Linux 8.2 Advanced Update Support 0:1.9.0-15.el8_2.15 ~ * cpe:/a:redhat:rhel_aus:8.2::appstream
Red HatRed Hat Enterprise Linux 8.2 Advanced Update Support 0:1.20.6-5.el8_2 ~ * cpe:/a:redhat:rhel_aus:8.2::appstream
Red HatRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 0:1.11.0-8.el8_4.14 ~ * cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Red HatRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 0:1.20.10-3.el8_4 ~ * cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Red HatRed Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 0:1.11.0-8.el8_4.14 ~ * cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Red HatRed Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 0:1.20.10-3.el8_4 ~ * cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Red HatRed Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 0:1.12.0-6.el8_6.15 ~ * cpe:/a:redhat:rhel_tus:8.6::appstream
Red HatRed Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 0:1.20.11-6.el8_6 ~ * cpe:/a:redhat:rhel_tus:8.6::appstream
Red HatRed Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 0:21.1.3-2.el8_6.5 ~ * cpe:/a:redhat:rhel_tus:8.6::appstream
Red HatRed Hat Enterprise Linux 8.6 Telecommunications Update Service 0:1.12.0-6.el8_6.15 ~ * cpe:/a:redhat:rhel_tus:8.6::appstream
Red HatRed Hat Enterprise Linux 8.6 Telecommunications Update Service 0:1.20.11-6.el8_6 ~ * cpe:/a:redhat:rhel_tus:8.6::appstream
Red HatRed Hat Enterprise Linux 8.6 Telecommunications Update Service 0:21.1.3-2.el8_6.5 ~ * cpe:/a:redhat:rhel_tus:8.6::appstream
Red HatRed Hat Enterprise Linux 8.6 Update Services for SAP Solutions 0:1.12.0-6.el8_6.15 ~ * cpe:/a:redhat:rhel_tus:8.6::appstream
Red HatRed Hat Enterprise Linux 8.6 Update Services for SAP Solutions 0:1.20.11-6.el8_6 ~ * cpe:/a:redhat:rhel_tus:8.6::appstream
Red HatRed Hat Enterprise Linux 8.6 Update Services for SAP Solutions 0:21.1.3-2.el8_6.5 ~ * cpe:/a:redhat:rhel_tus:8.6::appstream
Red HatRed Hat Enterprise Linux 8.8 Telecommunications Update Service 0:1.12.0-15.el8_8.16 ~ * cpe:/a:redhat:rhel_tus:8.8::appstream
Red HatRed Hat Enterprise Linux 8.8 Telecommunications Update Service 0:1.20.11-17.el8_8 ~ * cpe:/a:redhat:rhel_tus:8.8::appstream
Red HatRed Hat Enterprise Linux 8.8 Telecommunications Update Service 0:21.1.3-12.el8_8 ~ * cpe:/a:redhat:rhel_tus:8.8::appstream
Red HatRed Hat Enterprise Linux 8.8 Update Services for SAP Solutions 0:1.12.0-15.el8_8.16 ~ * cpe:/a:redhat:rhel_tus:8.8::appstream
Red HatRed Hat Enterprise Linux 8.8 Update Services for SAP Solutions 0:1.20.11-17.el8_8 ~ * cpe:/a:redhat:rhel_tus:8.8::appstream
Red HatRed Hat Enterprise Linux 8.8 Update Services for SAP Solutions 0:21.1.3-12.el8_8 ~ * cpe:/a:redhat:rhel_tus:8.8::appstream
Red HatRed Hat Enterprise Linux 9 0:1.20.11-32.el9_6 ~ * cpe:/a:redhat:enterprise_linux:9::appstream
Red HatRed Hat Enterprise Linux 9 0:1.14.1-9.el9_6 ~ * cpe:/a:redhat:enterprise_linux:9::appstream
Red HatRed Hat Enterprise Linux 9 0:23.2.7-5.el9_6 ~ * cpe:/a:redhat:enterprise_linux:9::appstream
Red HatRed Hat Enterprise Linux 9 0:1.15.0-6.el9_7 ~ * cpe:/a:redhat:enterprise_linux:9::appstream
Red HatRed Hat Enterprise Linux 9 0:23.2.7-5.el9_7 ~ * cpe:/a:redhat:enterprise_linux:9::appstream
Red HatRed Hat Enterprise Linux 9 0:1.20.11-32.el9_7 ~ * cpe:/a:redhat:enterprise_linux:9::appstream
Red HatRed Hat Enterprise Linux 9.0 Update Services for SAP Solutions 0:1.11.0-22.el9_0.16 ~ * cpe:/a:redhat:rhel_e4s:9.0::appstream
Red HatRed Hat Enterprise Linux 9.0 Update Services for SAP Solutions 0:1.20.11-12.el9_0 ~ * cpe:/a:redhat:rhel_e4s:9.0::appstream
Red HatRed Hat Enterprise Linux 9.0 Update Services for SAP Solutions 0:21.1.3-4.el9_0 ~ * cpe:/a:redhat:rhel_e4s:9.0::appstream
Red HatRed Hat Enterprise Linux 9.2 Update Services for SAP Solutions 0:1.12.0-14.el9_2.13 ~ * cpe:/a:redhat:rhel_e4s:9.2::appstream
Red HatRed Hat Enterprise Linux 9.2 Update Services for SAP Solutions 0:1.20.11-19.el9_2 ~ * cpe:/a:redhat:rhel_e4s:9.2::appstream
Red HatRed Hat Enterprise Linux 9.2 Update Services for SAP Solutions 0:21.1.3-9.el9_2 ~ * cpe:/a:redhat:rhel_e4s:9.2::appstream
Red HatRed Hat Enterprise Linux 9.4 Extended Update Support 0:1.13.1-8.el9_4.8 ~ * cpe:/a:redhat:rhel_eus:9.4::appstream
Red HatRed Hat Enterprise Linux 9.4 Extended Update Support 0:1.20.11-27.el9_4 ~ * cpe:/a:redhat:rhel_eus:9.4::appstream
Red HatRed Hat Enterprise Linux 9.4 Extended Update Support 0:22.1.9-7.el9_4 ~ * cpe:/a:redhat:rhel_eus:9.4::appstream
Red HatRed Hat Enterprise Linux 6-cpe:/o:redhat:enterprise_linux:6

II. CVE-2025-62230の公開POC

#POC説明ソースリンクShenlongリンク
AI生成POCプレミアム

公開POCは見つかりませんでした。

ログインしてAI POCを生成

III. CVE-2025-62230のインテリジェンス情報

登录查看更多情报信息。

Same Patch Batch · X.Org · 2025-10-30 · 3 CVEs total

CVE-2025-622317.3 HIGHXorg: xmayland: value overflow in xkbsetcompatmap()
CVE-2025-622297.3 HIGHXorg: xmayland: use-after-free in xpresentnotify structure creation

IV. 関連脆弱性

同じ製品: Xwayland
同じベンダー: X.Org
同じ弱点: CWE-416

V. CVE-2025-62230へのコメント

まだコメントはありません

コメントを残す