OESA-2025-1256

See a problem?
Please try reporting it to the source first.
Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1256
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2025-1256.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2025-1256
Upstream
Published
2025-03-07T15:27:55Z
Modified
2025-08-12T05:49:34.565573Z
Summary
libxkbfile security update
Details

Libxkbfile is used by the X servers and utilities to parse the XKB configuration data files.

Security Fix(es):

A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size.(CVE-2025-26595)

Database specific 
{
    "severity": "High"
}
References

Affected packages

openEuler:22.03-LTS-SP3 / libxkbfile

Package

Name
libxkbfile
Purl
pkg:rpm/openEuler/libxkbfile&distro=openEuler-22.03-LTS-SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.1.0-6.oe2203sp3

Ecosystem specific 

{
    "aarch64": [
        "libxkbfile-1.1.0-6.oe2203sp3.aarch64.rpm",
        "libxkbfile-debuginfo-1.1.0-6.oe2203sp3.aarch64.rpm",
        "libxkbfile-debugsource-1.1.0-6.oe2203sp3.aarch64.rpm",
        "libxkbfile-devel-1.1.0-6.oe2203sp3.aarch64.rpm"
    ],
    "src": [
        "libxkbfile-1.1.0-6.oe2203sp3.src.rpm"
    ],
    "x86_64": [
        "libxkbfile-1.1.0-6.oe2203sp3.x86_64.rpm",
        "libxkbfile-debuginfo-1.1.0-6.oe2203sp3.x86_64.rpm",
        "libxkbfile-debugsource-1.1.0-6.oe2203sp3.x86_64.rpm",
        "libxkbfile-devel-1.1.0-6.oe2203sp3.x86_64.rpm"
    ]
}

openEuler:22.03-LTS-SP4 / libxkbfile

Package

Name
libxkbfile
Purl
pkg:rpm/openEuler/libxkbfile&distro=openEuler-22.03-LTS-SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.1.0-6.oe2203sp4

Ecosystem specific 

{
    "aarch64": [
        "libxkbfile-1.1.0-6.oe2203sp4.aarch64.rpm",
        "libxkbfile-debuginfo-1.1.0-6.oe2203sp4.aarch64.rpm",
        "libxkbfile-debugsource-1.1.0-6.oe2203sp4.aarch64.rpm",
        "libxkbfile-devel-1.1.0-6.oe2203sp4.aarch64.rpm"
    ],
    "src": [
        "libxkbfile-1.1.0-6.oe2203sp4.src.rpm"
    ],
    "x86_64": [
        "libxkbfile-1.1.0-6.oe2203sp4.x86_64.rpm",
        "libxkbfile-debuginfo-1.1.0-6.oe2203sp4.x86_64.rpm",
        "libxkbfile-debugsource-1.1.0-6.oe2203sp4.x86_64.rpm",
        "libxkbfile-devel-1.1.0-6.oe2203sp4.x86_64.rpm"
    ]
}

openEuler:24.03-LTS / libxkbfile

Package

Name
libxkbfile
Purl
pkg:rpm/openEuler/libxkbfile&distro=openEuler-24.03-LTS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.1.2-2.oe2403sp1

Ecosystem specific 

{
    "aarch64": [
        "libxkbfile-1.1.2-2.oe2403.aarch64.rpm",
        "libxkbfile-debuginfo-1.1.2-2.oe2403.aarch64.rpm",
        "libxkbfile-debugsource-1.1.2-2.oe2403.aarch64.rpm",
        "libxkbfile-devel-1.1.2-2.oe2403.aarch64.rpm",
        "libxkbfile-1.1.2-2.oe2403sp1.aarch64.rpm",
        "libxkbfile-debuginfo-1.1.2-2.oe2403sp1.aarch64.rpm",
        "libxkbfile-debugsource-1.1.2-2.oe2403sp1.aarch64.rpm",
        "libxkbfile-devel-1.1.2-2.oe2403sp1.aarch64.rpm"
    ],
    "src": [
        "libxkbfile-1.1.2-2.oe2403.src.rpm",
        "libxkbfile-1.1.2-2.oe2403sp1.src.rpm"
    ],
    "x86_64": [
        "libxkbfile-1.1.2-2.oe2403.x86_64.rpm",
        "libxkbfile-debuginfo-1.1.2-2.oe2403.x86_64.rpm",
        "libxkbfile-debugsource-1.1.2-2.oe2403.x86_64.rpm",
        "libxkbfile-devel-1.1.2-2.oe2403.x86_64.rpm",
        "libxkbfile-1.1.2-2.oe2403sp1.x86_64.rpm",
        "libxkbfile-debuginfo-1.1.2-2.oe2403sp1.x86_64.rpm",
        "libxkbfile-debugsource-1.1.2-2.oe2403sp1.x86_64.rpm",
        "libxkbfile-devel-1.1.2-2.oe2403sp1.x86_64.rpm"
    ]
}

openEuler:24.03-LTS-SP1 / libxkbfile

Package

Name
libxkbfile
Purl
pkg:rpm/openEuler/libxkbfile&distro=openEuler-24.03-LTS-SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.1.2-2.oe2403sp1

Ecosystem specific 

{
    "aarch64": [
        "libxkbfile-1.1.2-2.oe2403sp1.aarch64.rpm",
        "libxkbfile-debuginfo-1.1.2-2.oe2403sp1.aarch64.rpm",
        "libxkbfile-debugsource-1.1.2-2.oe2403sp1.aarch64.rpm",
        "libxkbfile-devel-1.1.2-2.oe2403sp1.aarch64.rpm"
    ],
    "src": [
        "libxkbfile-1.1.2-2.oe2403sp1.src.rpm"
    ],
    "x86_64": [
        "libxkbfile-1.1.2-2.oe2403sp1.x86_64.rpm",
        "libxkbfile-debuginfo-1.1.2-2.oe2403sp1.x86_64.rpm",
        "libxkbfile-debugsource-1.1.2-2.oe2403sp1.x86_64.rpm",
        "libxkbfile-devel-1.1.2-2.oe2403sp1.x86_64.rpm"
    ]
}

openEuler:20.03-LTS-SP4 / libxkbfile

Package

Name
libxkbfile
Purl
pkg:rpm/openEuler/libxkbfile&distro=openEuler-20.03-LTS-SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.1.0-5.oe2003sp4

Ecosystem specific 

{
    "aarch64": [
        "libxkbfile-1.1.0-5.oe2003sp4.aarch64.rpm",
        "libxkbfile-debuginfo-1.1.0-5.oe2003sp4.aarch64.rpm",
        "libxkbfile-debugsource-1.1.0-5.oe2003sp4.aarch64.rpm",
        "libxkbfile-devel-1.1.0-5.oe2003sp4.aarch64.rpm"
    ],
    "src": [
        "libxkbfile-1.1.0-5.oe2003sp4.src.rpm"
    ],
    "x86_64": [
        "libxkbfile-1.1.0-5.oe2003sp4.x86_64.rpm",
        "libxkbfile-debuginfo-1.1.0-5.oe2003sp4.x86_64.rpm",
        "libxkbfile-debugsource-1.1.0-5.oe2003sp4.x86_64.rpm",
        "libxkbfile-devel-1.1.0-5.oe2003sp4.x86_64.rpm"
    ]
}