Security update for xorg-x11-server SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2026:20198-1 Final 1 1 2026-02-11T11:25:45Z current 2026-02-11T11:25:45Z 2026-02-11T11:25:45Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for xorg-x11-server This update for xorg-x11-server fixes the following issues: - CVE-2025-62229: Fixed use-after-free in XPresentNotify structures creation (bsc#1251958). - CVE-2025-62230: Fixed use-after-free in Xkb client resource removal (bsc#1251959). - CVE-2025-62231: Fixed value overflow in Xkb extension XkbSetCompatMap() (bsc#1251960). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Leap-16.0-254 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1251958 SUSE Bug 1251958 https://bugzilla.suse.com/1251959 SUSE Bug 1251959 https://bugzilla.suse.com/1251960 SUSE Bug 1251960 https://www.suse.com/security/cve/CVE-2025-62229/ SUSE CVE CVE-2025-62229 page https://www.suse.com/security/cve/CVE-2025-62230/ SUSE CVE CVE-2025-62230 page https://www.suse.com/security/cve/CVE-2025-62231/ SUSE CVE CVE-2025-62231 page openSUSE Leap 16.0 xorg-x11-server-21.1.15-160000.3.1 xorg-x11-server-Xvfb-21.1.15-160000.3.1 xorg-x11-server-extra-21.1.15-160000.3.1 xorg-x11-server-sdk-21.1.15-160000.3.1 xorg-x11-server-source-21.1.15-160000.3.1 xorg-x11-server-wrapper-21.1.15-160000.3.1 xorg-x11-server-21.1.15-160000.3.1 as a component of openSUSE Leap 16.0 xorg-x11-server-Xvfb-21.1.15-160000.3.1 as a component of openSUSE Leap 16.0 xorg-x11-server-extra-21.1.15-160000.3.1 as a component of openSUSE Leap 16.0 xorg-x11-server-sdk-21.1.15-160000.3.1 as a component of openSUSE Leap 16.0 xorg-x11-server-source-21.1.15-160000.3.1 as a component of openSUSE Leap 16.0 xorg-x11-server-wrapper-21.1.15-160000.3.1 as a component of openSUSE Leap 16.0 A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service. CVE-2025-62229 openSUSE Leap 16.0:xorg-x11-server-21.1.15-160000.3.1 openSUSE Leap 16.0:xorg-x11-server-Xvfb-21.1.15-160000.3.1 openSUSE Leap 16.0:xorg-x11-server-extra-21.1.15-160000.3.1 openSUSE Leap 16.0:xorg-x11-server-sdk-21.1.15-160000.3.1 openSUSE Leap 16.0:xorg-x11-server-source-21.1.15-160000.3.1 openSUSE Leap 16.0:xorg-x11-server-wrapper-21.1.15-160000.3.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-62229.html CVE-2025-62229 https://bugzilla.suse.com/1251958 SUSE Bug 1251958 A flaw was discovered in the X.Org X server's X Keyboard (Xkb) extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected clients disconnect. CVE-2025-62230 openSUSE Leap 16.0:xorg-x11-server-21.1.15-160000.3.1 openSUSE Leap 16.0:xorg-x11-server-Xvfb-21.1.15-160000.3.1 openSUSE Leap 16.0:xorg-x11-server-extra-21.1.15-160000.3.1 openSUSE Leap 16.0:xorg-x11-server-sdk-21.1.15-160000.3.1 openSUSE Leap 16.0:xorg-x11-server-source-21.1.15-160000.3.1 openSUSE Leap 16.0:xorg-x11-server-wrapper-21.1.15-160000.3.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-62230.html CVE-2025-62230 https://bugzilla.suse.com/1251959 SUSE Bug 1251959 A flaw was identified in the X.Org X server's X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap() function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a crash. CVE-2025-62231 openSUSE Leap 16.0:xorg-x11-server-21.1.15-160000.3.1 openSUSE Leap 16.0:xorg-x11-server-Xvfb-21.1.15-160000.3.1 openSUSE Leap 16.0:xorg-x11-server-extra-21.1.15-160000.3.1 openSUSE Leap 16.0:xorg-x11-server-sdk-21.1.15-160000.3.1 openSUSE Leap 16.0:xorg-x11-server-source-21.1.15-160000.3.1 openSUSE Leap 16.0:xorg-x11-server-wrapper-21.1.15-160000.3.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-62231.html CVE-2025-62231 https://bugzilla.suse.com/1251960 SUSE Bug 1251960