PT-2025-25691 · Randr+10 · Randr+10

Published

2025-03-27

·

Updated

2025-12-12

·

CVE-2025-49180

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions The product name cannot be determined.
Description A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when computing the total size to allocate.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

ALSA-2025:9303
ALSA-2025:9304
ALSA-2025:9305
ALSA-2025:9306
ALSA-2025:9392
ALT-PU-2025-8331
ALT-PU-2025-8333
AZL-64199
AZL-64227
AZL-64262
BDU:2025-07022
CESA-2025_9305
CESA-2025_9392
CVE-2025-49180
DLA-4230-1
DSA-5947-1
INFSA-2025_9303
INFSA-2025_9305
INFSA-2025_9306
INFSA-2025_9392
MGASA-2025-0199
OPENSUSE-SU-2025:15310-1
OPENSUSE-SU-2025:15311-1
RHSA-2025:10258
RHSA-2025:10342
RHSA-2025:10343
RHSA-2025:10344
RHSA-2025:10346
RHSA-2025:10347
RHSA-2025:10348
RHSA-2025:10349
RHSA-2025:10350
RHSA-2025:10351
RHSA-2025:10352
RHSA-2025:10355
RHSA-2025:10356
RHSA-2025:10360
RHSA-2025:10370
RHSA-2025:10374
RHSA-2025:10375
RHSA-2025:10376
RHSA-2025:10377
RHSA-2025:10378
RHSA-2025:10381
RHSA-2025:10410
RHSA-2025:9303
RHSA-2025:9304
RHSA-2025:9305
RHSA-2025:9306
RHSA-2025:9392
RHSA-2025:9964
RHSA-2025_9303
RHSA-2025_9305
RHSA-2025_9306
RHSA-2025_9392
SUSE-SU-2025:01974-1
SUSE-SU-2025:01975-1
SUSE-SU-2025:01977-1
SUSE-SU-2025:01978-1
SUSE-SU-2025:01979-1
SUSE-SU-2025:01980-1
SUSE-SU-2025:01981-1
SUSE-SU-2025:02012-1
SUSE-SU-2025_01977-1
SUSE-SU-2025_01978-1
SUSE-SU-2025_01979-1
SUSE-SU-2025_01980-1
SUSE-SU-2025_01981-1
SUSE-SU-2025_02012-1
USN-7573-1
USN-7573-2

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Debian
Linuxmint
Randr
Red Hat
Rocky Linux
Suse
Ubuntu