Security Advisory

CVE-2025-26594

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-02-25 15:53:51
Last updated 2026-06-29 20:36:40
Assigner redhat
State PUBLISHED

Description

A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free.