vulnerability
FreeBSD: VID-8df49466-5664-11f0-943a-18c04d5ea3dc (CVE-2025-49176): xorg server -- Multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:L/AC:L/Au:S/C:P/I:C/A:C) | Jul 1, 2025 | Jul 2, 2025 | Dec 10, 2025 |
Severity
6
CVSS
(AV:L/AC:L/Au:S/C:P/I:C/A:C)
Published
Jul 1, 2025
Added
Jul 2, 2025
Modified
Dec 10, 2025
Description
The X.Org project reports: CVE-2025-49176: Integer overflow in Big Requests Extension The Big Requests extension allows requests larger than the 16-bit length limit. It uses integers for the request length and checks for the size not to exceed the maxBigRequestSize limit, but does so after translating the length to integer by multiplying the given size in bytes by 4. In doing so, it might overflow the integer size limit before actually checking for the overflow, defeating the purpose of the test.
Solutions
freebsd-upgrade-package-xorg-serverfreebsd-upgrade-package-xephyrfreebsd-upgrade-package-xorg-vfbserverfreebsd-upgrade-package-xorg-nextserverfreebsd-upgrade-package-xwayland
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.