CVE-2025-62229: A flaw was found in the X.Org X server
and Xwayland when processing X11 Present extension
notifications. Improper error handling during notification
creation can leave dangling pointers that lead to a
use-after-free condition. This can cause memory corruption
or a crash, potentially allowing an attacker to execute
arbitrary code or cause a denial of service.
CVE-2025-62230: A flaw was discovered in the X.Org X
servers X Keyboard (Xkb) extension when handling client
resource cleanup. The software frees certain data
structures without properly detaching related resources,
leading to a use-after-free condition. This can cause
memory corruption or a crash when affected clients
disconnect.
CVE-2025-62231: A flaw was identified in the X.Org X
servers X Keyboard (Xkb) extension where improper bounds
checking in the XkbSetCompatMap() function can cause an
unsigned short overflow. If an attacker sends specially
crafted input data, the value calculation may overflow,
leading to memory corruption or a crash.