Red Hat Product Errata RHSA-2026:11388 - Security Advisory Issued: 2026-04-28 Updated: 2026-04-28 RHSA-2026:11388 - Security Advisory Overview Updated Packages Synopsis Important: xorg-x11-server security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for xorg-x11-server is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix(es): xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling (CVE-2026-33999) xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption (CVE-2026-34001) xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access (CVE-2026-34003) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 9 x86_64 Red Hat Enterprise Linux for IBM z Systems 9 s390x Red Hat Enterprise Linux for Power, little endian 9 ppc64le Red Hat Enterprise Linux for ARM 64 9 aarch64 Red Hat CodeReady Linux Builder for x86_64 9 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le Red Hat CodeReady Linux Builder for ARM 64 9 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x Fixes BZ - 2451106 - CVE-2026-33999 xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling BZ - 2451109 - CVE-2026-34001 xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption BZ - 2451113 - CVE-2026-34003 xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access CVEs CVE-2026-33999 CVE-2026-34001 CVE-2026-34003 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 9 SRPM xorg-x11-server-1.20.11-33.el9_7.src.rpm SHA-256: 45d106f039967c8286c402d80af3c2f3aae62836d0280eeb48e44c27dbef6822 x86_64 xorg-x11-server-Xdmx-1.20.11-33.el9_7.x86_64.rpm SHA-256: 7dffd37a9107c200747482dbdf0e76bc7942fb1e8e8330e53b8bc6b5c8904ade xorg-x11-server-Xdmx-debuginfo-1.20.11-33.el9_7.x86_64.rpm SHA-256: cd6e895d4a08bdb1fb2ae452b359987f5227724d684b810d9d5584d984abb375 xorg-x11-server-Xephyr-1.20.11-33.el9_7.x86_64.rpm SHA-256: 4bf87e4e60bf8e6e35c18057a414aaca757e8a15172244640f1486a452ea81c5 xorg-x11-server-Xephyr-debuginfo-1.20.11-33.el9_7.x86_64.rpm SHA-256: a84bc93d0a20d7bb2cdea7dba66c829705dda2810e6a880baea8cfb8f7b7f562 xorg-x11-server-Xnest-1.20.11-33.el9_7.x86_64.rpm SHA-256: d9b722a812b87f258756810342adeed1f51cac12241ed81801ceba10a9a1113b xorg-x11-server-Xnest-debuginfo-1.20.11-33.el9_7.x86_64.rpm SHA-256: cfd1df31ccb97d9a8daa820503329b8c7baccda5bd2e0a938083e62a5ce432c9 xorg-x11-server-Xorg-1.20.11-33.el9_7.x86_64.rpm SHA-256: b55dd402dc65a8d2c2c6b6eef288444d1fd73dac6b996ed660b9ee43e255e822 xorg-x11-server-Xorg-debuginfo-1.20.11-33.el9_7.x86_64.rpm SHA-256: e169d95768ab43ee0c2e387d81ba6f4aa3e947869af9e3db2efea44d2b69fb60 xorg-x11-server-Xvfb-1.20.11-33.el9_7.x86_64.rpm SHA-256: 06bdcbb117a3eae63692551abe45829cf3c86da6c3ff8b1508889a9341f7c857 xorg-x11-server-Xvfb-debuginfo-1.20.11-33.el9_7.x86_64.rpm SHA-256: 58157a6307c3a63c3c1cf306cde1803e8c9dc43c8ad4b23c812b5105de3a4ec6 xorg-x11-server-common-1.20.11-33.el9_7.x86_64.rpm SHA-256: 522f8515723d1c690976398cd87949dabc98600fac57f123ce16aa0e5fba6668 xorg-x11-server-debuginfo-1.20.11-33.el9_7.x86_64.rpm SHA-256: c3aa3a78c1cc1540b30b67b71fcdb180b2eee426d2fd1a47ffb0d8ae0a9c7438 xorg-x11-server-debugsource-1.20.11-33.el9_7.x86_64.rpm SHA-256: 716818d95eb71bc9ec80b51f2a8458c2a708f4a1541fb64d4068cc74fc437737 Red Hat Enterprise Linux for IBM z Systems 9 SRPM xorg-x11-server-1.20.11-33.el9_7.src.rpm SHA-256: 45d106f039967c8286c402d80af3c2f3aae62836d0280eeb48e44c27dbef6822 s390x xorg-x11-server-Xdmx-1.20.11-33.el9_7.s390x.rpm SHA-256: 80020b15f1a7dd28949a0de4513a0c1ff19db9d24cb004ba6a21e87652737bf9 xorg-x11-server-Xdmx-debuginfo-1.20.11-33.el9_7.s390x.rpm SHA-256: 0b9bb46582e54d6419be6154eda0a08fc6d57149108648888d2a6d36582e1ac7 xorg-x11-server-Xephyr-1.20.11-33.el9_7.s390x.rpm SHA-256: 28abbf83008f0f1d8e90d4d6425a16b38e5b0fa9c50fba9d2b9be397cfe17027 xorg-x11-server-Xephyr-debuginfo-1.20.11-33.el9_7.s390x.rpm SHA-256: 34197d2d75f85c480086d310e3ab8cafb993206e28d42327d4fcabac429b01c1 xorg-x11-server-Xnest-1.20.11-33.el9_7.s390x.rpm SHA-256: 264ef919e36fa09aa08a0da3ae97074444817e664722f9488d164e1a6fdfe9a8 xorg-x11-server-Xnest-debuginfo-1.20.11-33.el9_7.s390x.rpm SHA-256: 35673bff072594f82423fa949310f6b484ed78e59a6c6676f1eaa22d404d822c xorg-x11-server-Xorg-1.20.11-33.el9_7.s390x.rpm SHA-256: de6ba076c0d5c9d959b90a01063e71bb7b5d445fd7cf2a34eef7aab4e8cc7e73 xorg-x11-server-Xorg-debuginfo-1.20.11-33.el9_7.s390x.rpm SHA-256: b9c51849f0ad6afd838ee35937a5708ad37833a2ed22162a5848af736251f603 xorg-x11-server-Xvfb-1.20.11-33.el9_7.s390x.rpm SHA-256: d611955091c16e2945d396c9f2ea73719657b5ac9c496b13ca2248054fa6eb80 xorg-x11-server-Xvfb-debuginfo-1.20.11-33.el9_7.s390x.rpm SHA-256: f62f265e5732b5781d163404f1c1fc0928f5b9b761c628e1d4a79d3d3ccf1467 xorg-x11-server-common-1.20.11-33.el9_7.s390x.rpm SHA-256: 7462cd0044e38febc783a8c1d52100404078a642b718a7d67a8c85bea01b0af8 xorg-x11-server-debuginfo-1.20.11-33.el9_7.s390x.rpm SHA-256: fc64444148858df6feb1a1daabb3437e8ec864b4c0978a3bddd7e93849e35788 xorg-x11-server-debugsource-1.20.11-33.el9_7.s390x.rpm SHA-256: 238f21f3ba1c1f250d9d3ab46e952bfd0ab35b1e6b38a246a399430aa730f620 Red Hat Enterprise Linux for Power, little endian 9 SRPM xorg-x11-server-1.20.11-33.el9_7.src.rpm SHA-256: 45d106f039967c8286c402d80af3c2f3aae62836d0280eeb48e44c27dbef6822 ppc64le xorg-x11-server-Xdmx-1.20.11-33.el9_7.ppc64le.rpm SHA-256: 9c4518b024e3206eb73bdac532e9bbd683643054ac48d42d5f4a56349acba039 xorg-x11-server-Xdmx-debuginfo-1.20.11-33.el9_7.ppc64le.rpm SHA-256: 0e695ae23671d751e340238782c4a882af7f5ee728639405c6af798176b6dac3 xorg-x11-server-Xephyr-1.20.11-33.el9_7.ppc64le.rpm SHA-256: 0eb15847433d440756713f00756215ddcde69e6c15dc7de4a15b0e20edb1e4fc xorg-x11-server-Xephyr-debuginfo-1.20.11-33.el9_7.ppc64le.rpm SHA-256: 2c1112d9b3a62ced964affa3b21ad6e072cd3d2c6b77b6edba565ae8b3f732a7 xorg-x11-server-Xnest-1.20.11-33.el9_7.ppc64le.rpm SHA-256: e10f662db1b205079872f034545242139cd8b93390d2f9617ee9725aeae1e7bb xorg-x11-server-Xnest-debuginfo-1.20.11-33.el9_7.ppc64le.rpm SHA-256: bd4cd1cff1eb9b27368e2101f40effa709f4c1f38706288855d7ab9cf531813e xorg-x11-server-Xorg-1.20.11-33.el9_7.ppc64le.rpm SHA-256: a8bf7471850cf533c8f2878ab5ff97b4fbee4b152d3f0aa4be7b5957ddca2852 xorg-x11-server-Xorg-debuginfo-1.20.11-33.el9_7.ppc64le.rpm SHA-256: 19d49c776c2d94b3736351afb55db0188f82c6c75cbbc98430ce1a075b3614b3 xorg-x11-server-Xvfb-1.20.11-33.el9_7.ppc64le.rpm SHA-256: 1f0e28edbd93b264d325844667bb0b1759778199e51b7682403dbd600695da6a xorg-x11-server-Xvfb-debuginfo-1.20.11-33.el9_7.ppc64le.rpm SHA-256: fd115e577e325b85125cf53603e38ed5c635800b97d411dac248e680fd59d250 xorg-x11-server-common-1.20.11-33.el9_7.ppc64le.rpm SHA-256: 329093b3c8c90327dee81a6cc140f22b5ddc0ce73c55d8f11c5b9b4c3faadd0c xorg-x11-server-debuginfo-1.20.11-33.el9_7.ppc64le.rpm SHA-256: ba7b08470c53ad7bf913385c1fc3fb80694320e6fd5a215f8401de71ab9b33d1 xorg-x11-server-debugsource-1.20.11-33.el9_7.ppc64le.rpm SHA-256: 06d9464c4571c7e951190ccb87da263f15c3fcfca59b30041f8681793502b544 Red Hat Enterprise Linux for ARM 64 9 SRPM xorg-x11-server-1.20.11-33.el9_7.src.rpm SHA-256: 45d106f039967c8286c402d80af3c2f3aae62836d0280eeb48e44c27dbef6822 aarch64 xorg-x11-server-Xdmx-1.20.11-33.el9_7.aarch64.rpm SHA-256: e08e87c06c1d7e39770c7dfa79e49fa29bb649b2d72f5d75e74b0bc25e73144c xorg-x11-server-Xdmx-debuginfo-1.20.11-33.el9_7.aarch64.rpm SHA-256: ddbdd4606201667eca001f08440768ef6856a9c0a8d3e854d3bf75dde3d3d052 xorg-x11-server-Xephyr-1.20.11-33.el9_7.aarch64.rpm SHA-256: 0455321bc04a485ef5e531e2f6d17c19f210a898112de3fe3c7900bbc66e5555 xorg-x11-server-Xephyr-debuginfo-1.20.11-33.el9_7.aarch64.rpm SHA-256: 1b441939ef2840f50b92511dcf4b080e28a988f79a970341959d8377fb7efeef xorg-x11-server-Xnest-1.20.11-33.el9_7.aarch64.rpm SHA-256: 68eade1106159987766204fee38a13d819f1cb676fefcf3da25017373541c506 xorg-x11-server-Xnest-debuginfo-1.20.11-33.el9_7.aarch64.rpm SHA-256: 5f0f73ad269e2a44c8c6ee65b83fc2ab3ba7b6bf3c6d164b0024c883188320c7 xorg-x11-server-Xorg-1.20.11-33.el9_7.aarch64.rpm SHA-256: 834c1a7bd2c44cfdca169b6619844015bd2788faa879243f5f39ca9570412270 xorg-x11-server-Xorg-debuginfo-1.20.11-33.el9_7.aarch64.rpm SHA-256: eced2017845d1c02b429004a37bb81741fb01ab06f64a6f53ad45ba28808c031 xorg-x11-server-Xvfb-1.20.11-33.el9_7.aarch64.rpm SHA-256: b65f18d25a5d84e19556fe4da000ca1f752abde87f1db766c0566311e3e75149 xorg-x11-server-Xvfb-debuginfo-1.20.11-33.el9_7.aarch64.rpm SHA-256: 0ee029593677f6ddcc19831766952c6f9119c95a15a58997d3142f81e22e4c58 xorg-x11-server-common-1.20.11-33.el9_7.aarch64.rpm SHA-256: a4d492a7f1fe9c3187bc456ff730b438b017d0a24afb369cb53a1444d44643a7 xorg-x11-server-debuginfo-1.20.11-33.el9_7.aarch64.rpm SHA-256: 3c3e86d9952141e91e4eba83ea60ebc3b0b95fea55f6f48f5a306799db0560dd xorg