A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when computing the total size to allocate.Referenceshttps://access.redhat.com/errata/RHSA-2025:9303https://access.redhat.com/errata/RHSA-2025:9304https://access.redhat.com/errata/RHSA-2025:9305https://access.redhat.com/errata/RHSA-2025:9306https://access.redhat.com/errata/RHSA-2025:9392https://access.redhat.com/security/cve/CVE-2025-49180https://bugzilla.redhat.com/show_bug.cgi?id=2369981
