Red Hat CVE-2025-62231

Severity: HIGH
Weakness: Integer Overflow or Wraparound (CWE-190)
Date: 2025-10-30 (secalert@redhat.com)
CVSS 3.1 base score: 7.3

CVSS Vector (NVD)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: Low
Availability: High

Lifecycle Timeline

1. Analysis Generated: Apr 20, 2026 - 14:33 (vuln.today)

Description (NVD)

A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap() function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a crash.

Analysis (AI)

A local privilege escalation flaw in the X.Org X server's Xkb extension affects RHEL-family distributions: an authenticated local user can corrupt memory or crash the X server through an integer overflow in XkbSetCompatMap(). The attack requires local access with low-privilege credentials. EPSS data is not available, and the absence of a CISA KEV listing suggests any exploitation is targeted rather than widespread. Red Hat has released patches across multiple RHEL versions (RHSA-2025:19432 through RHSA-2025:22055).

Technical Context (AI)

The vulnerability lies in the X Keyboard (Xkb) extension of the X.Org X server, a core component of graphical Linux/Unix systems that manages keyboard mapping and input handling. The XkbSetCompatMap() function performs insufficient bounds checking on request data before doing arithmetic on it, a CWE-190 (Integer Overflow or Wraparound) weakness. When the server processes a specially crafted compatibility map request, an unsigned short used in the value calculation can wrap around, so a range that should have been rejected passes the check and the subsequent copy writes out of bounds. Because the Xkb extension runs inside the X server process, which holds elevated privileges, this memory corruption can be leveraged for privilege escalation. The affected code ships in the xorg-x11-server package across Red Hat Enterprise Linux variants, including standard RHEL, extended lifecycle releases, and specialized distributions such as RHEL for Real Time and RHEL for SAP Solutions.
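To make the bug class concrete, the following constructed model shows an unsigned-short bounds check that wraps, beside the hardened form that computes the sum in a wider type. This is an added illustration written for this page, not the X.Org XkbSetCompatMap() source; the parameter names firstSI and nSI, the 256-entry table and the sample requests are all assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model of the CWE-190 pattern; NOT the X.Org server's code.
 * firstSI: first table index the request wants to overwrite.
 * nSI:     number of entries the request supplies.
 * num_si:  number of entries the existing table actually holds. */

/* Vulnerable form: the end index is computed in an unsigned short, so
 * firstSI + nSI wraps modulo 65536 and a huge range can pass the check. */
bool range_ok_vulnerable(uint16_t firstSI, uint16_t nSI, unsigned short num_si)
{
    unsigned short last = (unsigned short)(firstSI + nSI); /* may wrap */
    return last <= num_si;
}

/* Hardened form: the true sum is at most 0x1FFFE, which fits in an
 * unsigned int, so the comparison sees the real end index. */
bool range_ok_fixed(uint16_t firstSI, uint16_t nSI, unsigned short num_si)
{
    unsigned int last = (unsigned int)firstSI + (unsigned int)nSI;
    return last <= num_si;
}

/* Counts how many entries a copy loop driven by the request would land
 * beyond the num_si-entry table: the out-of-bounds writes that follow a
 * wrongly accepted request. The loop bound is computed without wrapping
 * so the count reflects what the arithmetic was meant to express. */
unsigned int count_oob_writes(uint16_t firstSI, uint16_t nSI, unsigned short num_si)
{
    unsigned int oob = 0;
    unsigned int end = (unsigned int)firstSI + (unsigned int)nSI;
    for (unsigned int i = firstSI; i < end; i++)
        if (i >= num_si)
            oob++;
    return oob;
}

int main(void)
{
    const unsigned short table_size = 256;          /* assumed table size */
    /* Constructed sample: 0xFFF0 + 0x0020 = 0x10010, truncated to 0x0010. */
    printf("vulnerable check accepts wrapped request: %d\n",
           range_ok_vulnerable(0xFFF0, 0x0020, table_size));
    printf("fixed check accepts wrapped request:      %d\n",
           range_ok_fixed(0xFFF0, 0x0020, table_size));
    printf("entries written past the table:           %u\n",
           count_oob_writes(0xFFF0, 0x0020, table_size));
    return 0;
}
```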

Affected Products (AI)

X.Org X server (xorg-x11-server package) across the Red Hat Enterprise Linux family. Confirmed affected versions include RHEL 8.10, RHEL 9.2 through 9.5 Extended Update Support, RHEL 8.6 through 8.10 Extended Update Support, RHEL for Real Time versions, and RHEL for SAP Solutions. The advisories cover xorg-x11-server and its related packages (xorg-x11-server-common, xorg-x11-server-Xephyr, xorg-x11-server-Xnest, xorg-x11-server-Xvfb, xorg-x11-server-Xwayland, xorg-x11-server-source). The full list of Red Hat Security Advisories is RHSA-2025:19432, RHSA-2025:19433, RHSA-2025:19434, RHSA-2025:19435, RHSA-2025:19489, RHSA-2025:19623, RHSA-2025:19909, RHSA-2025:20958, RHSA-2025:20960, RHSA-2025:20961, RHSA-2025:21035, RHSA-2025:22040, RHSA-2025:22041, RHSA-2025:22051, and RHSA-2025:22055. Upstream X.Org releases and other Linux distributions that ship affected X.Org X server versions are likely vulnerable as well, pending vendor-specific confirmation.

Remediation (AI)

Apply the vendor-released patches immediately on affected Red Hat Enterprise Linux systems, using the RHSA advisory that matches your RHEL version and variant. Update xorg-x11-server and its related packages with yum or dnf, for example 'sudo dnf update xorg-x11-server xorg-x11-server-common xorg-x11-server-Xwayland' (exact package names vary by advisory). Afterwards, verify that the installed versions match the patched releases listed in the applicable RHSA.

For systems that cannot be patched immediately, the following compensating controls are available, each with an operational cost to weigh:

(1) Disable the Xkb extension by adding 'Option "XkbDisable" "true"' to the X server configuration in /etc/X11/xorg.conf (WARNING: this breaks keyboard functionality for most desktop environments and is only viable on systems using alternative input methods or Wayland).
(2) Restrict local user access to systems running the X server through stricter authentication policies and account monitoring.
(3) Run SELinux in enforcing mode to limit the X server process's privileges (this is the RHEL default, but confirm it with 'getenforce').
(4) Consider migrating to the Wayland display server where applications support it, since the Wayland architecture provides better privilege separation.

For non-Red Hat distributions, consult your vendor's security advisories for X.Org X server updates. Headless servers without X.Org installed require no action.

Vendor Status (Vendor)

CVE-2025-62231 vulnerability details – vuln.today
