Security News

Cybersecurity news aggregator

🔄
HIGH Updates Red Hat Errata

RHSA-2026:19344: Important: xorg-x11-server-Xwayland security update

xorg-x11-server-xwaylandcve-2026-33999red-hatcve-2026-34001cve-2026-34003
This security update addresses three high-severity vulnerabilities (CVE-2026-33999, CVE-2026-34001, CVE-2026-34003, all CVSS 7.8) in the Xwayland X server for Red Hat Enterprise Linux 9, including an integer underflow, a use-after-free, and an out-of-bounds memory access, which can lead to denial of service, memory corruption, and information exposure.
Read Full Article →

Red Hat Product Errata RHSA-2026:19344 - Security Advisory Issued: 2026-05-19 Updated: 2026-05-19 RHSA-2026:19344 - Security Advisory Overview Updated Packages Synopsis Important: xorg-x11-server-Xwayland security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Xwayland is an X server for running X clients under Wayland. Security Fix(es): xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling (CVE-2026-33999) xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption (CVE-2026-34001) xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access (CVE-2026-34003) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 9 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 x86_64 Red Hat Enterprise Linux for IBM z Systems 9 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 s390x Red Hat Enterprise Linux for Power, little endian 9 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 ppc64le Red Hat Enterprise Linux for ARM 64 9 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 x86_64 Red Hat CodeReady Linux Builder for x86_64 9 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le Red Hat CodeReady Linux Builder for ARM 64 9 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.8 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.8 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.8 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.8 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8 s390x Fixes BZ - 2451106 - CVE-2026-33999 xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling BZ - 2451109 - CVE-2026-34001 xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption BZ - 2451113 - CVE-2026-34003 xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access CVEs CVE-2026-33999 CVE-2026-34001 CVE-2026-34003 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 9 SRPM xorg-x11-server-Xwayland-24.1.9-4.el9_8.src.rpm SHA-256: 03a813e31cb95616b166ef44ac44b3dfd3c31057754b1eeb5593d1caa5479b4e x86_64 xorg-x11-server-Xwayland-24.1.9-4.el9_8.x86_64.rpm SHA-256: 1809df562a3b86c40fd5394d714868ef1df2a985abf34451104a430bed5a7bcc xorg-x11-server-Xwayland-debuginfo-24.1.9-4.el9_8.x86_64.rpm SHA-256: 74a5c9213d3cfa6e99b15734edfb8db88ac31212bac4728001895dc1d10ce889 xorg-x11-server-Xwayland-debugsource-24.1.9-4.el9_8.x86_64.rpm SHA-256: 6f07396f12cd5734bb9c89083546619da939760e9aad592f270f98e5477a493b Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 SRPM xorg-x11-server-Xwayland-24.1.9-4.el9_8.src.rpm SHA-256: 03a813e31cb95616b166ef44ac44b3dfd3c31057754b1eeb5593d1caa5479b4e x86_64 xorg-x11-server-Xwayland-24.1.9-4.el9_8.x86_64.rpm SHA-256: 1809df562a3b86c40fd5394d714868ef1df2a985abf34451104a430bed5a7bcc xorg-x11-server-Xwayland-debuginfo-24.1.9-4.el9_8.x86_64.rpm SHA-256: 74a5c9213d3cfa6e99b15734edfb8db88ac31212bac4728001895dc1d10ce889 xorg-x11-server-Xwayland-debugsource-24.1.9-4.el9_8.x86_64.rpm SHA-256: 6f07396f12cd5734bb9c89083546619da939760e9aad592f270f98e5477a493b Red Hat Enterprise Linux for IBM z Systems 9 SRPM xorg-x11-server-Xwayland-24.1.9-4.el9_8.src.rpm SHA-256: 03a813e31cb95616b166ef44ac44b3dfd3c31057754b1eeb5593d1caa5479b4e s390x xorg-x11-server-Xwayland-24.1.9-4.el9_8.s390x.rpm SHA-256: 91a6d78c5dbe17e1e517424c7c711f65c696d6b219de2daf6d2c8c1fb60e1b0e xorg-x11-server-Xwayland-debuginfo-24.1.9-4.el9_8.s390x.rpm SHA-256: dbe9d0ff93bd98f440be0487d8e949524280ee0260c851fbfccddad364d0e30d xorg-x11-server-Xwayland-debugsource-24.1.9-4.el9_8.s390x.rpm SHA-256: 6cf473c4b4f6c852641a14b14af993ef223fa51385472fa5e7d4c8fd4beba069 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 SRPM xorg-x11-server-Xwayland-24.1.9-4.el9_8.src.rpm SHA-256: 03a813e31cb95616b166ef44ac44b3dfd3c31057754b1eeb5593d1caa5479b4e s390x xorg-x11-server-Xwayland-24.1.9-4.el9_8.s390x.rpm SHA-256: 91a6d78c5dbe17e1e517424c7c711f65c696d6b219de2daf6d2c8c1fb60e1b0e xorg-x11-server-Xwayland-debuginfo-24.1.9-4.el9_8.s390x.rpm SHA-256: dbe9d0ff93bd98f440be0487d8e949524280ee0260c851fbfccddad364d0e30d xorg-x11-server-Xwayland-debugsource-24.1.9-4.el9_8.s390x.rpm SHA-256: 6cf473c4b4f6c852641a14b14af993ef223fa51385472fa5e7d4c8fd4beba069 Red Hat Enterprise Linux for Power, little endian 9 SRPM xorg-x11-server-Xwayland-24.1.9-4.el9_8.src.rpm SHA-256: 03a813e31cb95616b166ef44ac44b3dfd3c31057754b1eeb5593d1caa5479b4e ppc64le xorg-x11-server-Xwayland-24.1.9-4.el9_8.ppc64le.rpm SHA-256: 5c8622ba2940e99406c44ad4210c7be9bef10749f4b3ba92957bf8c9da1a2cef xorg-x11-server-Xwayland-debuginfo-24.1.9-4.el9_8.ppc64le.rpm SHA-256: 7fa3c63731cc5ccee9509857cd46f2f2f1b4162bda622a63e65bca0a34dd7b2f xorg-x11-server-Xwayland-debugsource-24.1.9-4.el9_8.ppc64le.rpm SHA-256: 54b97a0f5d7e74f34fc76a655b204c2eae76aa3e5b1fb4c4b7cac4cdf6746cd0 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 SRPM xorg-x11-server-Xwayland-24.1.9-4.el9_8.src.rpm SHA-256: 03a813e31cb95616b166ef44ac44b3dfd3c31057754b1eeb5593d1caa5479b4e ppc64le xorg-x11-server-Xwayland-24.1.9-4.el9_8.ppc64le.rpm SHA-256: 5c8622ba2940e99406c44ad4210c7be9bef10749f4b3ba92957bf8c9da1a2cef xorg-x11-server-Xwayland-debuginfo-24.1.9-4.el9_8.ppc64le.rpm SHA-256: 7fa3c63731cc5ccee9509857cd46f2f2f1b4162bda622a63e65bca0a34dd7b2f xorg-x11-server-Xwayland-debugsource-24.1.9-4.el9_8.ppc64le.rpm SHA-256: 54b97a0f5d7e74f34fc76a655b204c2eae76aa3e5b1fb4c4b7cac4cdf6746cd0 Red Hat Enterprise Linux for ARM 64 9 SRPM xorg-x11-server-Xwayland-24.1.9-4.el9_8.src.rpm SHA-256: 03a813e31cb95616b166ef44ac44b3dfd3c31057754b1eeb5593d1caa5479b4e aarch64 xorg-x11-server-Xwayland-24.1.9-4.el9_8.aarch64.rpm SHA-256: cd5cde1057ea1a686759e04e0b08e9d471142e2fe86b3b2df91e3faca948377f xorg-x11-server-Xwayland-debuginfo-24.1.9-4.el9_8.aarch64.rpm SHA-256: be04d71cc71610759490c813596cbc81984d52ac08ede4755629b5b9ff4ce2a3 xorg-x11-server-Xwayland-debugsource-24.1.9-4.el9_8.aarch64.rpm SHA-256: 50b5a2b0b048bd660b141032df812e915c6dd1bf5e1e1a0dbf19d3b71f94681c Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 SRPM xorg-x11-server-Xwayland-24.1.9-4.el9_8.src.rpm SHA-256: 03a813e31cb95616b166ef44ac44b3dfd3c31057754b1eeb5593d1caa5479b4e aarch64 xorg-x11-server-Xwayland-24.1.9-4.el9_8.aarch64.rpm SHA-256: cd5cde1057ea1a686759e04e0b08e9d471142e2fe86b3b2df91e3faca948377f xorg-x11-server-Xwayland-debuginfo-24.1.9-4.el9_8.aarch64.rpm SHA-256: be04d71cc71610759490c813596cbc81984d52ac08ede4755629b5b9ff4ce2a3 xorg-x11-server-Xwayland-debugsource-24.1.9-4.el9_8.aarch64.rpm SHA-256: 50b5a2b0b048bd660b141032df812e915c6dd1bf5e1e1a0dbf19d3b71f94681c Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 SRPM xorg-x11-server-Xwayland-24.1.9-4.el9_8.src.rpm SHA-256: 03a813e31cb95616b166ef44ac44b3dfd3c31057754b1eeb5593d1caa5479b4e ppc64le xorg-x11-server-Xwayland-24.1.9-4.el9_8.ppc64le.rpm SHA-256: 5c8622ba2940e99406c44ad4210c7be9bef10749f4b3ba92957bf8c9da1a2cef xorg-x11-server-Xwayland-debuginfo-24.1.9-4.el9_8.ppc64le.rpm SHA-256: 7fa3c63731cc5ccee9509857cd46f2f2f1b4162bda622a63e65bca0a34dd7b2f xorg-x11-server-Xwayland-debugsource-24.1.9-4.el9_8.ppc64le.rpm SHA-256: 54b97a0f5d7e74f34fc76a655b204c2eae76aa3e5b1fb4c4b7cac4cdf6746cd0 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 SRPM xorg-x11-server-Xwayland-24.1.9-4.el9_8.src.rpm SHA-256: 03a813e31cb95616b166ef44ac44b3dfd3c31057754b1eeb5593d1caa5479b4e x86_64 xorg-x11-server-Xwayland-24.1.9-4.el9_8.x86_64.rpm SHA-256: 1809df562a3b86c40fd5394d714868ef1df2a985abf34451104a430bed5a7bcc xorg-x11-server-Xwayland-debuginfo-24.1.9-4.el9_8.x86_64.rpm SHA-256: 74a5c9213d3cfa6e99b15734edfb8db88ac31212bac4728001895dc1d10ce889 xorg-x11-server-Xwayland-debugsource-24.1.9-4.el9_8.x86_64.rpm SHA-256: 6f07396f12cd5734bb9c89083546619da939760e9aad592f270f98e5477a493b Red Hat CodeReady Linux Builder for x86_64 9 SRPM x86_64 xorg-x11-server-Xwayland-24.1.9-4.el9_8.i686.rpm SHA-256: a8a807f1

Related Articles

HIGH RHSA-2026:11352: Important: xorg-x11-server-Xwayland security update Red Hat Errata HIGH RHSA-2026:11656: Important: xorg-x11-server-Xwayland security update Red Hat Errata HIGH RHSA-2026:19342: Important: tigervnc security update Red Hat Errata HIGH RHSA-2026:20562: Important: xorg-x11-server-Xwayland security update Red Hat Errata
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn