Skip to main content
Skip table of contents

ISN 2026-01: X.Org Server Vulnerabilities

First published 15 January 2026

CVSS:3.1: 7.3 (High)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H

Summary

A security vulnerability has been found in X.Org, the display server used in IGEL OS. This affects the following product versions:

  • IGEL OS 11

Details

The X.Org project reports three security issues in its display server that are rated high: The X11 Present extension suffers from a use-after-free in notification creation (CVE-2025-62229). Another use-after-free has been found in Xkb client resource removal (CVE-2025-62230). These vulnerabilities can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service. In addition, there is a value overflow in the Xkb extension XkbSetCompatMap (CVE-2025-62231).

Update Instructions

  • OS 11: Update to IGEL OS 11.11.120.

References

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close