Security News

Cybersecurity news aggregator

🔄
HIGH Updates Red Hat Errata

RHSA-2026:19125: Important: xorg-x11-server-Xwayland security update

cve-2026-33999redhatcve-2026-34001cve-2026-34003
Red Hat has issued an Important security update for xorg-x11-server-Xwayland addressing three vulnerabilities (CVE-2026-33999, CVE-2026-34001, CVE-2026-34003, all CVSS 7.8 HIGH) that include an integer underflow, a use-after-free, and an out-of-bounds memory access, which can lead to denial of service, memory corruption, and information exposure. The affected software is Xwayland, the X server for running X clients under Wayland, on Red Hat Enterprise Linux 10. Administrators should apply the update immediately via the provided Red Hat solution article.
Read Full Article →

Red Hat Product Errata RHSA-2026:19125 - Security Advisory Issued: 2026-05-19 Updated: 2026-05-19 RHSA-2026:19125 - Security Advisory Overview Updated Packages Synopsis Important: xorg-x11-server-Xwayland security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Xwayland is an X server for running X clients under Wayland. Security Fix(es): xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling (CVE-2026-33999) xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption (CVE-2026-34001) xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access (CVE-2026-34003) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 10 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 x86_64 Red Hat Enterprise Linux for IBM z Systems 10 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 s390x Red Hat Enterprise Linux for Power, little endian 10 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 ppc64le Red Hat Enterprise Linux for ARM 64 10 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 aarch64 Red Hat CodeReady Linux Builder for x86_64 10 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 10 ppc64le Red Hat CodeReady Linux Builder for ARM 64 10 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 10 s390x Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.2 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.2 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.2 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.2 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2 s390x Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.2 ppc64le Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.2 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 10.2 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 10.2 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 10.2 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 10.2 s390x Fixes BZ - 2451106 - CVE-2026-33999 xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling BZ - 2451109 - CVE-2026-34001 xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption BZ - 2451113 - CVE-2026-34003 xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access CVEs CVE-2026-33999 CVE-2026-34001 CVE-2026-34003 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 10 SRPM xorg-x11-server-Xwayland-24.1.9-4.el10_2.src.rpm SHA-256: a91c9e76bdea6fbeeb4a428ec8ab9cc172e2175161b32da0846f1d9dc7ddc2ad x86_64 xorg-x11-server-Xwayland-24.1.9-4.el10_2.x86_64.rpm SHA-256: ff909cbefc02c696d300c09ede9f2a0fc7b925ff0737ebc24fc5f58d0c24f2ae xorg-x11-server-Xwayland-debuginfo-24.1.9-4.el10_2.x86_64.rpm SHA-256: 02b512a260a963ce61088a47c291f17885992060d35d1c536fbbee7cb723216f xorg-x11-server-Xwayland-debugsource-24.1.9-4.el10_2.x86_64.rpm SHA-256: 034f6ff36259ad877ec3969edfc8cf939489b8a491358a7d2fd525f8fc70cace Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 SRPM xorg-x11-server-Xwayland-24.1.9-4.el10_2.src.rpm SHA-256: a91c9e76bdea6fbeeb4a428ec8ab9cc172e2175161b32da0846f1d9dc7ddc2ad x86_64 xorg-x11-server-Xwayland-24.1.9-4.el10_2.x86_64.rpm SHA-256: ff909cbefc02c696d300c09ede9f2a0fc7b925ff0737ebc24fc5f58d0c24f2ae xorg-x11-server-Xwayland-debuginfo-24.1.9-4.el10_2.x86_64.rpm SHA-256: 02b512a260a963ce61088a47c291f17885992060d35d1c536fbbee7cb723216f xorg-x11-server-Xwayland-debugsource-24.1.9-4.el10_2.x86_64.rpm SHA-256: 034f6ff36259ad877ec3969edfc8cf939489b8a491358a7d2fd525f8fc70cace Red Hat Enterprise Linux for IBM z Systems 10 SRPM xorg-x11-server-Xwayland-24.1.9-4.el10_2.src.rpm SHA-256: a91c9e76bdea6fbeeb4a428ec8ab9cc172e2175161b32da0846f1d9dc7ddc2ad s390x xorg-x11-server-Xwayland-24.1.9-4.el10_2.s390x.rpm SHA-256: e0514ab1086090d0144a78ba96868a8e575b3d2524d4f9647fe623aa3c443d31 xorg-x11-server-Xwayland-debuginfo-24.1.9-4.el10_2.s390x.rpm SHA-256: 235493e634e2089d64bf3ae97f409ebd46442ec35be207ce508efda067b54454 xorg-x11-server-Xwayland-debugsource-24.1.9-4.el10_2.s390x.rpm SHA-256: 332354968d12ee573902037b5179643ec4d2168576eb186ff9825f2762bad755 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 SRPM xorg-x11-server-Xwayland-24.1.9-4.el10_2.src.rpm SHA-256: a91c9e76bdea6fbeeb4a428ec8ab9cc172e2175161b32da0846f1d9dc7ddc2ad s390x xorg-x11-server-Xwayland-24.1.9-4.el10_2.s390x.rpm SHA-256: e0514ab1086090d0144a78ba96868a8e575b3d2524d4f9647fe623aa3c443d31 xorg-x11-server-Xwayland-debuginfo-24.1.9-4.el10_2.s390x.rpm SHA-256: 235493e634e2089d64bf3ae97f409ebd46442ec35be207ce508efda067b54454 xorg-x11-server-Xwayland-debugsource-24.1.9-4.el10_2.s390x.rpm SHA-256: 332354968d12ee573902037b5179643ec4d2168576eb186ff9825f2762bad755 Red Hat Enterprise Linux for Power, little endian 10 SRPM xorg-x11-server-Xwayland-24.1.9-4.el10_2.src.rpm SHA-256: a91c9e76bdea6fbeeb4a428ec8ab9cc172e2175161b32da0846f1d9dc7ddc2ad ppc64le xorg-x11-server-Xwayland-24.1.9-4.el10_2.ppc64le.rpm SHA-256: 878b357ae7e0d1dea30b510b705cee0d9650a2b39221febaef82e7fc1855a935 xorg-x11-server-Xwayland-debuginfo-24.1.9-4.el10_2.ppc64le.rpm SHA-256: 54d2e1c96d22e7c48eae28a34a891baac3bde3c12869343725e90e68ea723130 xorg-x11-server-Xwayland-debugsource-24.1.9-4.el10_2.ppc64le.rpm SHA-256: 8543554b515b5436128822a0cd4599a64ab0f4bf236b3b2b4d99dc6d20b418bc Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 SRPM xorg-x11-server-Xwayland-24.1.9-4.el10_2.src.rpm SHA-256: a91c9e76bdea6fbeeb4a428ec8ab9cc172e2175161b32da0846f1d9dc7ddc2ad ppc64le xorg-x11-server-Xwayland-24.1.9-4.el10_2.ppc64le.rpm SHA-256: 878b357ae7e0d1dea30b510b705cee0d9650a2b39221febaef82e7fc1855a935 xorg-x11-server-Xwayland-debuginfo-24.1.9-4.el10_2.ppc64le.rpm SHA-256: 54d2e1c96d22e7c48eae28a34a891baac3bde3c12869343725e90e68ea723130 xorg-x11-server-Xwayland-debugsource-24.1.9-4.el10_2.ppc64le.rpm SHA-256: 8543554b515b5436128822a0cd4599a64ab0f4bf236b3b2b4d99dc6d20b418bc Red Hat Enterprise Linux for ARM 64 10 SRPM xorg-x11-server-Xwayland-24.1.9-4.el10_2.src.rpm SHA-256: a91c9e76bdea6fbeeb4a428ec8ab9cc172e2175161b32da0846f1d9dc7ddc2ad aarch64 xorg-x11-server-Xwayland-24.1.9-4.el10_2.aarch64.rpm SHA-256: dcc1b76aacda3b14b8734c174e90cf11063a2817245cdf522e48daee89846f60 xorg-x11-server-Xwayland-debuginfo-24.1.9-4.el10_2.aarch64.rpm SHA-256: 2de7e595cec941f0cadc480e47aa74d1617e4770e5b67a34d3a69ee3a4d4fc96 xorg-x11-server-Xwayland-debugsource-24.1.9-4.el10_2.aarch64.rpm SHA-256: 8f506a211fc6454770da27f9ea119793b217701c0d5872384f0e735e0bdea9d6 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 SRPM xorg-x11-server-Xwayland-24.1.9-4.el10_2.src.rpm SHA-256: a91c9e76bdea6fbeeb4a428ec8ab9cc172e2175161b32da0846f1d9dc7ddc2ad aarch64 xorg-x11-server-Xwayland-24.1.9-4.el10_2.aarch64.rpm SHA-256: dcc1b76aacda3b14b8734c174e90cf11063a2817245cdf522e48daee89846f60 xorg-x11-server-Xwayland-debuginfo-24.1.9-4.el10_2.aarch64.rpm SHA-256: 2de7e595cec941f0cadc480e47aa74d1617e4770e5b67a34d3a69ee3a4d4fc96 xorg-x11-server-Xwayland-debugsource-24.1.9-4.el10_2.aarch64.rpm SHA-256: 8f506a211fc6454770da27f9ea119793b217701c0d5872384f0e735e0bdea9d6 Red Hat CodeReady Linux Builder for x86_64 10 SRPM x86_64 xorg-x11-server-Xwayland-debuginfo-24.1.9-4.el10_2.x86_64.rpm SHA-256: 02b512a260a963ce61088a47c291f17885992060d35d1c536fbbee7cb723216f xorg-x11-server-Xwayland-debugsource-24.1.9-4.el10_2.x86_64.rpm SHA-256: 034f6ff36259ad877ec3969edfc8cf939489b8a491358a7d2fd525f8fc70cace xorg-x11-server-Xwayland-devel-24.1.9-4.el10_2.x86_64.rpm SHA-256: 1fc3527e2ba9602d912471a05dc57b9060cbceb4d332f81b65076346b3a6fb3d Red Hat CodeReady Linux Builder for Power, little endian 10 SRPM ppc64le xorg-x11-server-Xwayland-debuginfo-24.1.9-4.el10_2.ppc64le.rpm SHA-256: 54d2e1c96d22e7c48eae28a34a891baac3bde3c12869343725e90e68ea723130 xorg-x11-server-Xwayland-debugsource-24.1.9-4.el10_2.ppc64le.rpm SHA-256: 8543554b515b5436128822a0cd4599a64ab0f4bf236b3b2b4d99dc6d20b418bc xorg-x11-server-Xwayland-devel-24.1.9-4.el10_2.ppc64le.rpm SHA-256: 01c6e520c406611af3ce6959f448030be83fd9344ef3e530f317def45646bf3a Red Hat CodeReady Linux Builder for ARM 64 10 SRPM aarch64 xorg-x11-server-Xwayland-debuginfo-24.1.9-4.el10_2.aarch64.rpm SHA-256: 2de7e595cec941f0cadc480e47aa74d1617e4770e5b67a34d3a69ee3a4d4fc96 xorg-x11-server-Xwayland-debugsource-24.1.9-4.el10_2.aarch64.rpm SHA-256: 8f506a211fc6454770da27f9ea119793b217701c0d5872384f0e735e0bdea9d6 xorg-x11-server-Xwayland-deve

Related Articles

INFO RHSA-2026:11388: Important: xorg-x11-server security update Red Hat Errata INFO RHSA-2026:11692: Important: xorg-x11-server security update Red Hat Errata HIGH RHSA-2026:13414: Important: tigervnc security update Red Hat Errata INFO RHSA-2026:19343: Important: xorg-x11-server security update Red Hat Errata
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn