Red Hat Product Errata RHSA-2026:20558 - Security Advisory Issued: 2026-05-26 Updated: 2026-05-26 RHSA-2026:20558 - Security Advisory Overview Updated Packages Synopsis Important: xorg-x11-server security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for xorg-x11-server is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix(es): xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling (CVE-2026-33999) xwayland: xorg: X.Org X server: Information disclosure and denial of service via out-of-bounds read in XKB geometry processing. (CVE-2026-34000) xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption (CVE-2026-34001) xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling (CVE-2026-34002) xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access (CVE-2026-34003) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64 Red Hat Enterprise Linux Server - AUS 9.6 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64 Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.6 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.6 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.6 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.6 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6 s390x Fixes BZ - 2451106 - CVE-2026-33999 xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling BZ - 2451107 - CVE-2026-34000 xwayland: xorg: X.Org X server: Information disclosure and denial of service via out-of-bounds read in XKB geometry processing. BZ - 2451109 - CVE-2026-34001 xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption BZ - 2451112 - CVE-2026-34002 xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling BZ - 2451113 - CVE-2026-34003 xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access CVEs CVE-2026-33999 CVE-2026-34000 CVE-2026-34001 CVE-2026-34002 CVE-2026-34003 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 SRPM xorg-x11-server-1.20.11-33.el9_6.src.rpm SHA-256: 167a5b90c5301046400393d0eebe2bb2ae211fca36816d010ac7308bd7a5fbe5 x86_64 xorg-x11-server-Xdmx-1.20.11-33.el9_6.x86_64.rpm SHA-256: cb4f7d551f1e093fa963fa1f39defb9d29cb0714108576068ab7e4b90feefce8 xorg-x11-server-Xdmx-debuginfo-1.20.11-33.el9_6.x86_64.rpm SHA-256: c33d5cafcf64b0ca2077fbaf851ae1340944de01278b3fe8d76ac0c8db1e9091 xorg-x11-server-Xephyr-1.20.11-33.el9_6.x86_64.rpm SHA-256: ec992a49a67d10f1ef5d06f3725544ee0d799be5ef5172b4a135feb454eda7bd xorg-x11-server-Xephyr-debuginfo-1.20.11-33.el9_6.x86_64.rpm SHA-256: ad32ae64883b1ca7124204d8f3ab5fce7ab931ec75da455185870e8febadd5f6 xorg-x11-server-Xnest-1.20.11-33.el9_6.x86_64.rpm SHA-256: 725ca400fd999a3ad80f366d252bca5c5ab53af0783333aee309fff22fdd0f1c xorg-x11-server-Xnest-debuginfo-1.20.11-33.el9_6.x86_64.rpm SHA-256: 64c73e7399d02598ab19e76bea382582728f9fe7a296b83524d0039b2a61bd6b xorg-x11-server-Xorg-1.20.11-33.el9_6.x86_64.rpm SHA-256: 359ca615ed591bd4c9918e906d0260bb3c88810e700ff53e8035a85d8f034ea8 xorg-x11-server-Xorg-debuginfo-1.20.11-33.el9_6.x86_64.rpm SHA-256: 48476ee2abd79e2e41493480d56fadc3f97a8af60d208b4d44992a4c83f3f35e xorg-x11-server-Xvfb-1.20.11-33.el9_6.x86_64.rpm SHA-256: 7d9cdb48b629c1e7deb669cfb50efcf4fcaf47943df98cf2d944a736f1042299 xorg-x11-server-Xvfb-debuginfo-1.20.11-33.el9_6.x86_64.rpm SHA-256: dc2f068ae66d8a4cfe31af5ad1658cf5639e59f54181a0fc2fc3499a2991bc6c xorg-x11-server-common-1.20.11-33.el9_6.x86_64.rpm SHA-256: d899656db2100c4952efdbd4b32ea1bb3f9369573b7dfa9267c99a9ec64b802f xorg-x11-server-debuginfo-1.20.11-33.el9_6.x86_64.rpm SHA-256: 34cb077fdc909441235f399b6ba91ea319fc8d9e2bedff142781a49b1f10d920 xorg-x11-server-debugsource-1.20.11-33.el9_6.x86_64.rpm SHA-256: be3af23d22805e1c86c7a18a8a3ca563ade735f6db752b7a41527d19f2b12aa6 Red Hat Enterprise Linux Server - AUS 9.6 SRPM xorg-x11-server-1.20.11-33.el9_6.src.rpm SHA-256: 167a5b90c5301046400393d0eebe2bb2ae211fca36816d010ac7308bd7a5fbe5 x86_64 xorg-x11-server-Xdmx-1.20.11-33.el9_6.x86_64.rpm SHA-256: cb4f7d551f1e093fa963fa1f39defb9d29cb0714108576068ab7e4b90feefce8 xorg-x11-server-Xdmx-debuginfo-1.20.11-33.el9_6.x86_64.rpm SHA-256: c33d5cafcf64b0ca2077fbaf851ae1340944de01278b3fe8d76ac0c8db1e9091 xorg-x11-server-Xephyr-1.20.11-33.el9_6.x86_64.rpm SHA-256: ec992a49a67d10f1ef5d06f3725544ee0d799be5ef5172b4a135feb454eda7bd xorg-x11-server-Xephyr-debuginfo-1.20.11-33.el9_6.x86_64.rpm SHA-256: ad32ae64883b1ca7124204d8f3ab5fce7ab931ec75da455185870e8febadd5f6 xorg-x11-server-Xnest-1.20.11-33.el9_6.x86_64.rpm SHA-256: 725ca400fd999a3ad80f366d252bca5c5ab53af0783333aee309fff22fdd0f1c xorg-x11-server-Xnest-debuginfo-1.20.11-33.el9_6.x86_64.rpm SHA-256: 64c73e7399d02598ab19e76bea382582728f9fe7a296b83524d0039b2a61bd6b xorg-x11-server-Xorg-1.20.11-33.el9_6.x86_64.rpm SHA-256: 359ca615ed591bd4c9918e906d0260bb3c88810e700ff53e8035a85d8f034ea8 xorg-x11-server-Xorg-debuginfo-1.20.11-33.el9_6.x86_64.rpm SHA-256: 48476ee2abd79e2e41493480d56fadc3f97a8af60d208b4d44992a4c83f3f35e xorg-x11-server-Xvfb-1.20.11-33.el9_6.x86_64.rpm SHA-256: 7d9cdb48b629c1e7deb669cfb50efcf4fcaf47943df98cf2d944a736f1042299 xorg-x11-server-Xvfb-debuginfo-1.20.11-33.el9_6.x86_64.rpm SHA-256: dc2f068ae66d8a4cfe31af5ad1658cf5639e59f54181a0fc2fc3499a2991bc6c xorg-x11-server-common-1.20.11-33.el9_6.x86_64.rpm SHA-256: d899656db2100c4952efdbd4b32ea1bb3f9369573b7dfa9267c99a9ec64b802f xorg-x11-server-debuginfo-1.20.11-33.el9_6.x86_64.rpm SHA-256: 34cb077fdc909441235f399b6ba91ea319fc8d9e2bedff142781a49b1f10d920 xorg-x11-server-debugsource-1.20.11-33.el9_6.x86_64.rpm SHA-256: be3af23d22805e1c86c7a18a8a3ca563ade735f6db752b7a41527d19f2b12aa6 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 SRPM xorg-x11-server-1.20.11-33.el9_6.src.rpm SHA-256: 167a5b90c5301046400393d0eebe2bb2ae211fca36816d010ac7308bd7a5fbe5 s390x xorg-x11-server-Xdmx-1.20.11-33.el9_6.s390x.rpm SHA-256: c3c08b46e6aafcb74e9d8645d7ae0f77c48de500d6e8348d7219b824f0ac31a4 xorg-x11-server-Xdmx-debuginfo-1.20.11-33.el9_6.s390x.rpm SHA-256: bc02e9ff3b1df7771cee82098be4d95be2a19dbd0ab5eac040f95447d5fa03da xorg-x11-server-Xephyr-1.20.11-33.el9_6.s390x.rpm SHA-256: fe21a57c7bd33894fc2f33e3ffd1ab7fd5767d709ca6484069121a5bfceceed8 xorg-x11-server-Xephyr-debuginfo-1.20.11-33.el9_6.s390x.rpm SHA-256: 1e162861fa51be7621f1ba31749f8feea92a3d6e0c9251876633884e05592f5f xorg-x11-server-Xnest-1.20.11-33.el9_6.s390x.rpm SHA-256: cd7ba7bbac8154109efe5ba3468547ecf4ce972a5e8ee4334ebd0c85843263ce xorg-x11-server-Xnest-debuginfo-1.20.11-33.el9_6.s390x.rpm SHA-256: 0deaf233e8e61944232b11db18f686025ec1b25390cfc34566a0c4680f124ba2 xorg-x11-server-Xorg-1.20.11-33.el9_6.s390x.rpm SHA-256: 3c53cbca258d8072ff3dda57bc43f3687cf765a5c4de1fe94b3d65a6b09b1a5d xorg-x11-server-Xorg-debuginfo-1.20.11-33.el9_6.s390x.rpm SHA-256: 9250676f0e2ece1155721d3e844bb73e1a2249d22d5d1883264718fb2a996c7b xorg-x11-server-Xvfb-1.20.11-33.el9_6.s390x.rpm SHA-256: f8586b38c5a71055c7c56880657227e750be68a56a1610b2ddff16d1d6ecf86b xorg-x11-server-Xvfb-debuginfo-1.20.11-33.el9_6.s390x.rpm SHA-256: 01e4a773f4431ba6c515e86ab6788b4cb4e0b2002d934bffc8f8b0ad2dc1fb60 xorg-x11-server-common-1.20.11-33.el9_6.s390x.rpm SHA-256: 9d78cf51419b292fb4c99bdb84a3ad71c46579424d95922a1a5284447a287287 xorg-x11-server-debuginfo-1.20.11-33.el9_6.s390x.rpm SHA-256: 99fb6cdd78b4032170b000515d16b9f3d1ae1a1edfe1b82d8cc76310e08c3152 xorg-x11-server-debugsource-1.20.11-33.el9_6.s390x.rpm SHA-256: 527e71f1a28fcfd897375199671e07c5956662ff84488aaaa288fbb9476890cd Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 SRPM xorg-x11-server-1.20.11-33.el9_6.src.rpm SHA-256: 16