
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2025-49179 is a vulnerability in the X Record extension of the X.Org X Server, disclosed on June 17, 2025. The RecordSanityCheckRegisterClients function fails to properly check for integer overflow when computing the request length, which allows a client to bypass length checks (NVD, Ubuntu Security).
The vulnerability is classified as an Integer Overflow (CWE-190): because the request-length calculation in RecordSanityCheckRegisterClients is not validated for overflow, the computed value can wrap and a client can bypass the length checks. The issue has been assigned a CVSS v3.1 Base Score of 7.3 (High) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H (Wiz Analysis).
The vulnerability enables attackers to bypass length checks in the X Record extension, potentially leading to memory corruption. This could result in denial of service conditions, information disclosure, or possible arbitrary code execution in the X Server (Wiz Analysis).
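The bug class described above (CWE-190 in a length check), shown as an added example that is not the X.Org source: a length check whose 32-bit arithmetic can wrap, next to a version that bounds the count before multiplying. The header and element sizes, function names and sample values are constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sizes for illustration; not the Record extension's real layout. */
#define HDR_BYTES  20u  /* fixed part of the request */
#define ITEM_BYTES 24u  /* one variable-length element */

/* Flawed pattern: the 32-bit product wraps, so a huge count can produce a
 * small "expected" length that matches a short request. */
bool length_ok_unchecked(uint32_t n_items, uint32_t req_bytes)
{
    uint32_t expected = HDR_BYTES + n_items * ITEM_BYTES;
    return expected == req_bytes;
}

/* Hardened pattern: bound the count before multiplying, so the arithmetic
 * in the final comparison cannot wrap. */
bool length_ok_checked(uint32_t n_items, uint32_t req_bytes)
{
    if (req_bytes < HDR_BYTES)
        return false;
    if (n_items > (UINT32_MAX - HDR_BYTES) / ITEM_BYTES)
        return false;
    return HDR_BYTES + n_items * ITEM_BYTES == req_bytes;
}

/* Bytes a later loop over n_items elements would touch, computed in 64 bits. */
uint64_t bytes_implied(uint32_t n_items)
{
    return (uint64_t)HDR_BYTES + (uint64_t)n_items * ITEM_BYTES;
}

int main(void)
{
    uint32_t n = 0x20000000u;  /* constructed: n * 24 == 3 * 2^32, wraps to 0 */
    printf("unchecked accepts: %d\n", length_ok_unchecked(n, HDR_BYTES));
    printf("checked accepts:   %d\n", length_ok_checked(n, HDR_BYTES));
    printf("bytes implied:     %llu\n", (unsigned long long)bytes_implied(n));
    return 0;
}
```

The gap between the request size the unchecked test accepts and the bytes the count implies is what turns a wrapped length check into out-of-bounds access.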
Multiple vendors have released patches to address this vulnerability. Ubuntu has released fixed versions for affected releases: Ubuntu 25.04 (xorg-server 2:21.1.16-1ubuntu1.1), 24.10 (2:21.1.13-2ubuntu1.4), 24.04 LTS (2:21.1.12-1ubuntu1.4), and 22.04 LTS (2:21.1.4-2ubuntu1.7~22.04.15). Red Hat has also addressed the issue in RHEL 8, 9, and 10 through various security advisories (Ubuntu Security, Red Hat Security).
Source: This report was generated using AI