Red Hat Product Errata RHSA-2026:19343 - Security Advisory Issued: 2026-05-19 Updated: 2026-05-19 RHSA-2026:19343 - Security Advisory Overview Updated Packages Synopsis Important: xorg-x11-server security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for xorg-x11-server is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix(es): xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling (CVE-2026-33999) xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption (CVE-2026-34001) xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access (CVE-2026-34003) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 9 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 x86_64 Red Hat Enterprise Linux for IBM z Systems 9 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 s390x Red Hat Enterprise Linux for Power, little endian 9 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 ppc64le Red Hat Enterprise Linux for ARM 64 9 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 x86_64 Red Hat CodeReady Linux Builder for x86_64 9 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le Red Hat CodeReady Linux Builder for ARM 64 9 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.8 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.8 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.8 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.8 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8 s390x Fixes BZ - 2451106 - CVE-2026-33999 xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling BZ - 2451109 - CVE-2026-34001 xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption BZ - 2451113 - CVE-2026-34003 xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access CVEs CVE-2026-33999 CVE-2026-34001 CVE-2026-34003 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 9 SRPM xorg-x11-server-1.20.11-34.el9_8.src.rpm SHA-256: e09673ee03d2859daa88e2f0b6eb1b339be8204c2b20870534f7f323ed4d816c x86_64 xorg-x11-server-Xdmx-1.20.11-34.el9_8.x86_64.rpm SHA-256: 300dff291083f3764ed0575f9a8cbfbe0e83d709826c96f1fce35427d7d1dbfa xorg-x11-server-Xdmx-debuginfo-1.20.11-34.el9_8.x86_64.rpm SHA-256: 4b3859948b824e0ec599597a498be48e496f563655661b47ebb4ee92915895a8 xorg-x11-server-Xephyr-1.20.11-34.el9_8.x86_64.rpm SHA-256: 083bac1d567245b34cc8f4efc41081fa420500dbb18b04c7d95d635d7a4fc531 xorg-x11-server-Xephyr-debuginfo-1.20.11-34.el9_8.x86_64.rpm SHA-256: 6753376afc64eadc8010ce58f9eb759fb3a4ca3b48503c50c0595090101e8604 xorg-x11-server-Xnest-1.20.11-34.el9_8.x86_64.rpm SHA-256: e9254a987e6fbfff3a927a0f190154c801fe450e4adccb23d843f8c7a404bdd8 xorg-x11-server-Xnest-debuginfo-1.20.11-34.el9_8.x86_64.rpm SHA-256: 2708398a18f1e9590ceac989d9eed65333074b337db416822c41900528a48b8c xorg-x11-server-Xorg-1.20.11-34.el9_8.x86_64.rpm SHA-256: 984fbc025c8222e87a86a30173b32e59b528660f12e12d07d6fa03a838c8bbf3 xorg-x11-server-Xorg-debuginfo-1.20.11-34.el9_8.x86_64.rpm SHA-256: e4c62434b68ef0fd5affcde86f8583cc618997a62159321e574e2861681ef795 xorg-x11-server-Xvfb-1.20.11-34.el9_8.x86_64.rpm SHA-256: e40cc2e71d63eb99334ae6d714ca13adb3d649f73af137367c8c7cc7444bea52 xorg-x11-server-Xvfb-debuginfo-1.20.11-34.el9_8.x86_64.rpm SHA-256: ee3a4c0963737fce7ae987386858c423fd0c787d880fc8aaccbd2620529a5f05 xorg-x11-server-common-1.20.11-34.el9_8.x86_64.rpm SHA-256: d5cd42a77586f93f037abc5334dd23c62626f948aaf360273412528dde114288 xorg-x11-server-debuginfo-1.20.11-34.el9_8.x86_64.rpm SHA-256: 52f637938eaaa2ba371d20c2d54a5bd396ef512c3c62464bf4ea40c45abb07cc xorg-x11-server-debugsource-1.20.11-34.el9_8.x86_64.rpm SHA-256: 996837b50f3b73b0e11e6af2099c1b8225bccf10bbc3908cd8bd10d7f107d0ce Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 SRPM xorg-x11-server-1.20.11-34.el9_8.src.rpm SHA-256: e09673ee03d2859daa88e2f0b6eb1b339be8204c2b20870534f7f323ed4d816c x86_64 xorg-x11-server-Xdmx-1.20.11-34.el9_8.x86_64.rpm SHA-256: 300dff291083f3764ed0575f9a8cbfbe0e83d709826c96f1fce35427d7d1dbfa xorg-x11-server-Xdmx-debuginfo-1.20.11-34.el9_8.x86_64.rpm SHA-256: 4b3859948b824e0ec599597a498be48e496f563655661b47ebb4ee92915895a8 xorg-x11-server-Xephyr-1.20.11-34.el9_8.x86_64.rpm SHA-256: 083bac1d567245b34cc8f4efc41081fa420500dbb18b04c7d95d635d7a4fc531 xorg-x11-server-Xephyr-debuginfo-1.20.11-34.el9_8.x86_64.rpm SHA-256: 6753376afc64eadc8010ce58f9eb759fb3a4ca3b48503c50c0595090101e8604 xorg-x11-server-Xnest-1.20.11-34.el9_8.x86_64.rpm SHA-256: e9254a987e6fbfff3a927a0f190154c801fe450e4adccb23d843f8c7a404bdd8 xorg-x11-server-Xnest-debuginfo-1.20.11-34.el9_8.x86_64.rpm SHA-256: 2708398a18f1e9590ceac989d9eed65333074b337db416822c41900528a48b8c xorg-x11-server-Xorg-1.20.11-34.el9_8.x86_64.rpm SHA-256: 984fbc025c8222e87a86a30173b32e59b528660f12e12d07d6fa03a838c8bbf3 xorg-x11-server-Xorg-debuginfo-1.20.11-34.el9_8.x86_64.rpm SHA-256: e4c62434b68ef0fd5affcde86f8583cc618997a62159321e574e2861681ef795 xorg-x11-server-Xvfb-1.20.11-34.el9_8.x86_64.rpm SHA-256: e40cc2e71d63eb99334ae6d714ca13adb3d649f73af137367c8c7cc7444bea52 xorg-x11-server-Xvfb-debuginfo-1.20.11-34.el9_8.x86_64.rpm SHA-256: ee3a4c0963737fce7ae987386858c423fd0c787d880fc8aaccbd2620529a5f05 xorg-x11-server-common-1.20.11-34.el9_8.x86_64.rpm SHA-256: d5cd42a77586f93f037abc5334dd23c62626f948aaf360273412528dde114288 xorg-x11-server-debuginfo-1.20.11-34.el9_8.x86_64.rpm SHA-256: 52f637938eaaa2ba371d20c2d54a5bd396ef512c3c62464bf4ea40c45abb07cc xorg-x11-server-debugsource-1.20.11-34.el9_8.x86_64.rpm SHA-256: 996837b50f3b73b0e11e6af2099c1b8225bccf10bbc3908cd8bd10d7f107d0ce Red Hat Enterprise Linux for IBM z Systems 9 SRPM xorg-x11-server-1.20.11-34.el9_8.src.rpm SHA-256: e09673ee03d2859daa88e2f0b6eb1b339be8204c2b20870534f7f323ed4d816c s390x xorg-x11-server-Xdmx-1.20.11-34.el9_8.s390x.rpm SHA-256: bd21726ff6bf634adcc78f738e0b4dad4c7d8fc3632b1e3de83d007a8ba2da56 xorg-x11-server-Xdmx-debuginfo-1.20.11-34.el9_8.s390x.rpm SHA-256: bb6e96f7021a4354ba7fa0d9325a28bf53b0d0f1614006d10918da9ab09664e0 xorg-x11-server-Xephyr-1.20.11-34.el9_8.s390x.rpm SHA-256: 7911ca3e329d58eee493c3d3dc1e745dcc6c55fef1e27e57934c256b339a9a6e xorg-x11-server-Xephyr-debuginfo-1.20.11-34.el9_8.s390x.rpm SHA-256: 1af13614b8fb9d6f03dbe3f093672586b6aa0485ab14dcebb0c0f3d2e2486a52 xorg-x11-server-Xnest-1.20.11-34.el9_8.s390x.rpm SHA-256: 6f7cdcdc4c09942b71e123e121e82b802a1e3bc1af3d8011882cb80c95ea9c88 xorg-x11-server-Xnest-debuginfo-1.20.11-34.el9_8.s390x.rpm SHA-256: cb8813b2f53f80eb7949532d5a7523b4736bf1df1f2aabee8177d98d464d1b01 xorg-x11-server-Xorg-1.20.11-34.el9_8.s390x.rpm SHA-256: af6e2ea88c905e10cb1aed65a4e6b76c8305b53e396c51c91e6feced0db1a513 xorg-x11-server-Xorg-debuginfo-1.20.11-34.el9_8.s390x.rpm SHA-256: e3d8b19ede6d1208d4cbf3e68c5632ac5c78d6f5ce2ab4f380206ba7d432f637 xorg-x11-server-Xvfb-1.20.11-34.el9_8.s390x.rpm SHA-256: 127b7c2b89c6db9338f597c1a73e8f3305a6d34ebbd3bd150bc05e5225370048 xorg-x11-server-Xvfb-debuginfo-1.20.11-34.el9_8.s390x.rpm SHA-256: d0ef85fd1fafa627ac80868b2a4699fb513230d6160bb1c98f12d6b54f616c75 xorg-x11-server-common-1.20.11-34.el9_8.s390x.rpm SHA-256: 2d9619e48b1f1318bb2284e6a42256239edc0d38b73fea01f6d4243dce90fd4e xorg-x11-server-debuginfo-1.20.11-34.el9_8.s390x.rpm SHA-256: 25c9764c0fec8bc333d5bda75c9fdd437180e3f8585309acc274f76d3ac52884 xorg-x11-server-debugsource-1.20.11-34.el9_8.s390x.rpm SHA-256: 0a9c7bf2beb49080fb4b761328e45b758e72f097b88d7a19611386f65beb8e11 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 SRPM xorg-x11-server-1.20.11-34.el9_8.src.rpm SHA-256: e09673ee03d2859daa88e2f0b6eb1b339be8204c2b20870534f7f323ed4d816c s390x xorg-x11-server-Xdmx-1.20.11-34.el9_8.s390x.rpm SHA-256: bd21726ff6bf634adcc78f738e0b4dad4c7d8fc3632b1e3de83d007a8ba2da56 xorg-x11-server-Xdmx-debuginfo-1.20.11-34.el9_8.s390x.rpm SHA-256: bb6e96f7021a4354ba7fa0d9325a28bf53b0d0f1614006d10918da9ab096