关键漏洞信息 漏洞概述 公告编号: RHSA-2025:10350 发布日期: 2025-07-07 更新日期: 2025-07-07 类型/严重性: 安全公告,重要 影响的产品 Red Hat Enterprise Linux Server - AUS 9.2 x86_64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x 漏洞详情 CVE编号: - CVE-2025-49175 - CVE-2025-49176 - CVE-2025-49178 - CVE-2025-49179 - CVE-2025-49180 修复的Bugzilla问题: - BZ #2369947: CVE-2025-49175 xorg-x11-server-Xwayland: xorg-x11-server-tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors - BZ #2369954: CVE-2025-49176 xorg-x11-server-Xwayland: xorg-x11-server-tigervnc: Integer Overflow in Big Requests Extension - BZ #2369977: CVE-2025-49178 xorg-x11-server-Xwayland: xorg-x11-server-tigervnc: Unprocessed Client Request Due to Bytes to Ignore - BZ #2369978: CVE-2025-49179 xorg-x11-server-Xwayland: xorg-x11-server-tigervnc: Integer overflow in X Record extension - BZ #2369980: CVE-2025-49180 xorg-x11-server-Xwayland: xorg-x11-server-tigervnc: Integer Overflow in X Resize, Rotate and Reflect (RandR) Extension 解决方案 参考链接: https://access.redhat.com/articles/11250 参考资料 https://access.redhat.com/security/updates/classification/#important