AZL-69467

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-69467.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-69467

Upstream

CVE-2025-62231

Published

2025-10-30T05:15:39Z

Modified

2026-04-01T05:21:34.443256Z

Summary

CVE-2025-62231 affecting package xorg-x11-server-Xwayland for versions less than 24.1.6-3

Details

A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap() function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a crash.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-62231

Affected packages

Azure Linux:3 / xorg-x11-server-Xwayland

Package

Name: xorg-x11-server-Xwayland
Purl: pkg:rpm/azure-linux/xorg-x11-server-Xwayland

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

24.1.6-3

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-69467.json"