CVE-2025-62231: 
TigerVNC vulnerability analysis and mitigation

CVE-2025-62231 is a vulnerability discovered in the X.Org X server's X Keyboard (Xkb) extension, specifically in the XkbSetCompatMap() function. The vulnerability was discovered by Jan-Niklas Sohn working with Trend Micro Zero Day Initiative and was publicly disclosed on October 28, 2025. The issue affects X.Org X server and Xwayland implementations (OSS Security, ZDI Advisory).

The vulnerability stems from improper bounds checking in the XkbSetCompatMap() function where the XkbCompatMap structure uses unsigned short values for some fields but fails to verify that input sums do not exceed the valid range. The vulnerability has been assigned a CVSS score of 7.3 (High) with the vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H (Red Hat CVE, ZDI Advisory).

If an attacker sends specially crafted input data to the XkbSetCompatMap() function, the value calculation may overflow, leading to memory corruption or a system crash. The vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability (ZDI Advisory).

X.Org has released security updates to address this vulnerability. Red Hat has provided fixes through multiple security advisories for affected products including RHEL 8, 9, and 10. Debian has also released security updates for affected versions. Users are strongly advised to upgrade to the patched versions (OSS Security, Debian Advisory).