CVE ID: CVE-2025-62229
Published: October 29, 2025
Severity: Moderate
CVSS v3 Score: 7.3

Description

A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service.

Affected Packages

- Red Hat Enterprise Linux 6 (Out of support scope)
- Red Hat Enterprise Linux 7
- Red Hat Enterprise Linux 8
- Red Hat Enterprise Linux 9

CVSS Score Details

- CVSS v3 Base Score: 7.3
- Attack Vector: Local
- Attack Complexity: Low
- Confidentiality Impact: Low
- Integrity Impact: High
- Availability Impact: High

Weakness (CWE)

CWE-416: Use After Free

Technical Impact:

- Memory corruption
- Crash, Exit, or Restart
- Execute Unauthorized Code or Commands

Acknowledgements

Reported by Jan-Niklas Sohn (Trend Micro Zero Day Initiative).