Red Hat Product Errata RHSA-2026:20560 - Security Advisory Issued: 2026-05-26 Updated: 2026-05-26 RHSA-2026:20560 - Security Advisory Overview Updated Packages Synopsis Important: xorg-x11-server-Xwayland security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Xwayland is an X server for running X clients under Wayland. Security Fix(es): xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling (CVE-2026-33999) xwayland: xorg: X.Org X server: Information disclosure and denial of service via out-of-bounds read in XKB geometry processing. (CVE-2026-34000) xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption (CVE-2026-34001) xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling (CVE-2026-34002) xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access (CVE-2026-34003) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64 Red Hat Enterprise Linux Server - AUS 9.4 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4 s390x Fixes BZ - 2451106 - CVE-2026-33999 xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling BZ - 2451107 - CVE-2026-34000 xwayland: xorg: X.Org X server: Information disclosure and denial of service via out-of-bounds read in XKB geometry processing. BZ - 2451109 - CVE-2026-34001 xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption BZ - 2451112 - CVE-2026-34002 xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling BZ - 2451113 - CVE-2026-34003 xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access CVEs CVE-2026-33999 CVE-2026-34000 CVE-2026-34001 CVE-2026-34002 CVE-2026-34003 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 SRPM xorg-x11-server-Xwayland-22.1.9-8.el9_4.src.rpm SHA-256: 4be14738573af6037df86c340297318315511d47a6a6351b00072d62b206f245 x86_64 xorg-x11-server-Xwayland-22.1.9-8.el9_4.x86_64.rpm SHA-256: 7a3224c884dc2d5936f9c5660a9dc977931cc0aeb8f3e378c3b433f8d61b7592 xorg-x11-server-Xwayland-debuginfo-22.1.9-8.el9_4.x86_64.rpm SHA-256: ded806902ef423ec26e04e5456eb4ef5ebb166818dda0fb2a9911fa053c3ba7a xorg-x11-server-Xwayland-debugsource-22.1.9-8.el9_4.x86_64.rpm SHA-256: 52e8716bd1c4d1b86804c962c38cfe915bff1e516e059d6da007c770e9c7fdc7 Red Hat Enterprise Linux Server - AUS 9.4 SRPM xorg-x11-server-Xwayland-22.1.9-8.el9_4.src.rpm SHA-256: 4be14738573af6037df86c340297318315511d47a6a6351b00072d62b206f245 x86_64 xorg-x11-server-Xwayland-22.1.9-8.el9_4.x86_64.rpm SHA-256: 7a3224c884dc2d5936f9c5660a9dc977931cc0aeb8f3e378c3b433f8d61b7592 xorg-x11-server-Xwayland-debuginfo-22.1.9-8.el9_4.x86_64.rpm SHA-256: ded806902ef423ec26e04e5456eb4ef5ebb166818dda0fb2a9911fa053c3ba7a xorg-x11-server-Xwayland-debugsource-22.1.9-8.el9_4.x86_64.rpm SHA-256: 52e8716bd1c4d1b86804c962c38cfe915bff1e516e059d6da007c770e9c7fdc7 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 SRPM xorg-x11-server-Xwayland-22.1.9-8.el9_4.src.rpm SHA-256: 4be14738573af6037df86c340297318315511d47a6a6351b00072d62b206f245 s390x xorg-x11-server-Xwayland-22.1.9-8.el9_4.s390x.rpm SHA-256: 01c4416a7de9de6bb7f7431152fc4e496daf41aef7f5c7fa47d3163e084b3eec xorg-x11-server-Xwayland-debuginfo-22.1.9-8.el9_4.s390x.rpm SHA-256: bea451736606f832bea5fe2d5527812b34479255f7cf87fe3db057d6332abb81 xorg-x11-server-Xwayland-debugsource-22.1.9-8.el9_4.s390x.rpm SHA-256: 191e06832ad88b1f969cc973caf1b421421fc773e4abebfd7e24d44f260b9e55 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 SRPM xorg-x11-server-Xwayland-22.1.9-8.el9_4.src.rpm SHA-256: 4be14738573af6037df86c340297318315511d47a6a6351b00072d62b206f245 ppc64le xorg-x11-server-Xwayland-22.1.9-8.el9_4.ppc64le.rpm SHA-256: d360ff3e27a7b01535bacd7935738516e8fcf79546f78fd16255d6e4d6757b6a xorg-x11-server-Xwayland-debuginfo-22.1.9-8.el9_4.ppc64le.rpm SHA-256: 69129c3cd8713ee6d1e06740ed5fbe73dfa34b45e1d808daf14338cd6f3ad31b xorg-x11-server-Xwayland-debugsource-22.1.9-8.el9_4.ppc64le.rpm SHA-256: 58e214c511f22b0a8ee6caad08c5913d728d2a3bef84221eb359a4f3dbfa6718 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 SRPM xorg-x11-server-Xwayland-22.1.9-8.el9_4.src.rpm SHA-256: 4be14738573af6037df86c340297318315511d47a6a6351b00072d62b206f245 aarch64 xorg-x11-server-Xwayland-22.1.9-8.el9_4.aarch64.rpm SHA-256: cba3e3753903a884d29f13c4fefb243f8cd1e9cb869103998b72396ab472319b xorg-x11-server-Xwayland-debuginfo-22.1.9-8.el9_4.aarch64.rpm SHA-256: c81b9641fedb327ea6d4b8ccb425b9b18c3131ebc63b77e587a8920103d5830e xorg-x11-server-Xwayland-debugsource-22.1.9-8.el9_4.aarch64.rpm SHA-256: 3349b25414f41de2d980807ab1c0b9437423c3fffc6f8c006b6c0a0000a13a2a Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 SRPM xorg-x11-server-Xwayland-22.1.9-8.el9_4.src.rpm SHA-256: 4be14738573af6037df86c340297318315511d47a6a6351b00072d62b206f245 ppc64le xorg-x11-server-Xwayland-22.1.9-8.el9_4.ppc64le.rpm SHA-256: d360ff3e27a7b01535bacd7935738516e8fcf79546f78fd16255d6e4d6757b6a xorg-x11-server-Xwayland-debuginfo-22.1.9-8.el9_4.ppc64le.rpm SHA-256: 69129c3cd8713ee6d1e06740ed5fbe73dfa34b45e1d808daf14338cd6f3ad31b xorg-x11-server-Xwayland-debugsource-22.1.9-8.el9_4.ppc64le.rpm SHA-256: 58e214c511f22b0a8ee6caad08c5913d728d2a3bef84221eb359a4f3dbfa6718 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 SRPM xorg-x11-server-Xwayland-22.1.9-8.el9_4.src.rpm SHA-256: 4be14738573af6037df86c340297318315511d47a6a6351b00072d62b206f245 x86_64 xorg-x11-server-Xwayland-22.1.9-8.el9_4.x86_64.rpm SHA-256: 7a3224c884dc2d5936f9c5660a9dc977931cc0aeb8f3e378c3b433f8d61b7592 xorg-x11-server-Xwayland-debuginfo-22.1.9-8.el9_4.x86_64.rpm SHA-256: ded806902ef423ec26e04e5456eb4ef5ebb166818dda0fb2a9911fa053c3ba7a xorg-x11-server-Xwayland-debugsource-22.1.9-8.el9_4.x86_64.rpm SHA-256: 52e8716bd1c4d1b86804c962c38cfe915bff1e516e059d6da007c770e9c7fdc7 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 SRPM xorg-x11-server-Xwayland-22.1.9-8.el9_4.src.rpm SHA-256: 4be14738573af6037df86c340297318315511d47a6a6351b00072d62b206f245 aarch64 xorg-x11-server-Xwayland-22.1.9-8.el9_4.aarch64.rpm SHA-256: cba3e3753903a884d29f13c4fefb243f8cd1e9cb869103998b72396ab472319b xorg-x11-server-Xwayland-debuginfo-22.1.9-8.el9_4.aarch64.rpm SHA-256: c81b9641fedb327ea6d4b8ccb425b9b18c3131ebc63b77e587a8920103d5830e xorg-x11-server-Xwayland-debugsource-22.1.9-8.el9_4.aarch64.rpm SHA-256: 3349b25414f41de2d980807ab1c0b9437423c3fffc6f8c006b6c0a0000a13a2a Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 SRPM xorg-x11-server-Xwayland-22.1.9-8.el9_4.src.rpm SHA-256: 4be14738573af6037df86c340297318315511d47a6a6351b00072d62b206f245 s390x xorg-x11-server-Xwayland-22.1.9-8.el9_4.s390x.rpm SHA-256: 01c4416a7de9de6bb7f7431152fc4e496daf41aef7f5c7fa47d3163e084b3eec xorg-x11-server-Xwayland-debuginfo-22.1.9-8.el9_4.s390x.rpm SHA-256: bea451736606f832bea5fe2d5527812b34479255f7cf87fe3db057d6332abb81 xorg-x11-server-Xwayland-debugsource-22.1.9-8.el9_4.s390x.rpm SHA-256: 191e06832ad88b1f969cc973caf1b421421fc773e4abebfd7e24d44f260b9e55 Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4 SRPM xorg-x11-server-Xwayland-22.1.9-8.el9_4.src.rpm SHA-256: 4be14738573af6037df86c340297318315511d47a6a6351b00072d62b206f245 x86_64 xorg-x11-server-Xwayland-22.1.9-8.el9_4.x86_64.rpm SHA-256: 7a3224c884dc2d5936f9c5660a9dc977931cc0aeb8f3e378c3b433f8d61b7592 xorg-x11-server-Xwayland-debuginfo-22.1.9-8.el9_4.x86_64.rpm SHA-256: ded806902ef423ec26e04e5456eb4ef5ebb166818dda0fb2a9911fa053c3ba7a xorg-x11-server-Xwayland-debugsource-22.1.9-8.el9_4.x86_64.rpm SHA-256: 52e8716bd1c4d1b86804c962c38cfe915bff1e516e059d6da007c770e9c7fdc7 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4 SRPM xorg-x11-server-Xwayland-22.1.9-8.el9_4.src.rpm SHA-256: 4be147