CVE-2025-49176
Published: June 18, 2025Last modified: August 6, 2025
Description
A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 7.3 |
| Attack Vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | LOW |
| Integrity impact | HIGH |
| Availability impact | HIGH |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H |
Notes
Fixed by 21.1.17: https://gitlab.freedesktop.org/xorg/xserver/-/commit/03731b326a80b582e48d939fe62cb1e2b10400d9 Followup 21.1.18: https://gitlab.freedesktop.org/xorg/xserver/-/commit/4fc4d76b2c7aaed61ed2653f997783a3714c4fe1
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | xorg-server | Fixed (21.1.18-r0) |
| 25 LTS | xorg-server | Fixed (21.1.18-r0) | |
| Stream | xorg-server | Fixed (21.1.18-r0) |
References
- http://www.openwall.com/lists/oss-security/2025/06/18/2
- https://access.redhat.com/errata/RHSA-2025:10258
- https://access.redhat.com/errata/RHSA-2025:10342
- https://access.redhat.com/errata/RHSA-2025:10343
- https://access.redhat.com/errata/RHSA-2025:10344
- https://access.redhat.com/errata/RHSA-2025:10346
- https://access.redhat.com/errata/RHSA-2025:10347
- https://access.redhat.com/errata/RHSA-2025:10348
- https://access.redhat.com/errata/RHSA-2025:10349
- https://access.redhat.com/errata/RHSA-2025:10350
- https://access.redhat.com/errata/RHSA-2025:10351
- https://access.redhat.com/errata/RHSA-2025:10352
- https://access.redhat.com/errata/RHSA-2025:10355
- https://access.redhat.com/errata/RHSA-2025:10356
- https://access.redhat.com/errata/RHSA-2025:10360
- https://access.redhat.com/errata/RHSA-2025:10370
- https://access.redhat.com/errata/RHSA-2025:10374
- https://access.redhat.com/errata/RHSA-2025:10375
- https://access.redhat.com/errata/RHSA-2025:10376
- https://access.redhat.com/errata/RHSA-2025:10377
- https://access.redhat.com/errata/RHSA-2025:10378
- https://access.redhat.com/errata/RHSA-2025:10381
- https://access.redhat.com/errata/RHSA-2025:10410
- https://access.redhat.com/errata/RHSA-2025:9303
- https://access.redhat.com/errata/RHSA-2025:9304
- https://access.redhat.com/errata/RHSA-2025:9305
- https://access.redhat.com/errata/RHSA-2025:9306
- https://access.redhat.com/errata/RHSA-2025:9392
- https://access.redhat.com/errata/RHSA-2025:9964
- https://access.redhat.com/security/cve/CVE-2025-49176
- https://bugzilla.redhat.com/show_bug.cgi?id=2369954
- https://gitlab.freedesktop.org/xorg/xserver/-/commit/03731b326a80b582e48d939fe62cb1e2b10400d9
- https://gitlab.freedesktop.org/xorg/xserver/-/commit/4fc4d76b2c7aaed61ed2653f997783a3714c4fe1
- https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html
- https://www.x.org/wiki/Development/Security/