Red Hat Product Errata RHSA-2026:20547 - Security Advisory Issued: 2026-05-26 Updated: 2026-05-26 RHSA-2026:20547 - Security Advisory Overview Updated Packages Synopsis Important: xorg-x11-server-Xwayland security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Xwayland is an X server for running X clients under Wayland. Security Fix(es): xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling (CVE-2026-33999) xwayland: xorg: X.Org X server: Information disclosure and denial of service via out-of-bounds read in XKB geometry processing. (CVE-2026-34000) xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption (CVE-2026-34001) xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling (CVE-2026-34002) xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access (CVE-2026-34003) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Server - AUS 9.2 x86_64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.2 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.2 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.2 s390x Fixes BZ - 2451106 - CVE-2026-33999 xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling BZ - 2451107 - CVE-2026-34000 xwayland: xorg: X.Org X server: Information disclosure and denial of service via out-of-bounds read in XKB geometry processing. BZ - 2451109 - CVE-2026-34001 xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption BZ - 2451112 - CVE-2026-34002 xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling BZ - 2451113 - CVE-2026-34003 xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access CVEs CVE-2026-33999 CVE-2026-34000 CVE-2026-34001 CVE-2026-34002 CVE-2026-34003 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server - AUS 9.2 SRPM xorg-x11-server-Xwayland-21.1.3-10.el9_2.src.rpm SHA-256: 3d3840c56c2a463b00bf29e67967885aeb330986b5b0ced057b20e3e3786b748 x86_64 xorg-x11-server-Xwayland-21.1.3-10.el9_2.x86_64.rpm SHA-256: 200934bd6afb91d91227e8e57f2992295b2e7e03026c97301edf5ef541442a27 xorg-x11-server-Xwayland-debuginfo-21.1.3-10.el9_2.x86_64.rpm SHA-256: 35b2819ced4d38cde1740563ab4217c33b7256aa32c4141eea087bab7edf444f xorg-x11-server-Xwayland-debugsource-21.1.3-10.el9_2.x86_64.rpm SHA-256: d481ffec26fc1c3d727d9ff89032480ab743f09c54c2d18cdaeaa33a179c7428 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 SRPM xorg-x11-server-Xwayland-21.1.3-10.el9_2.src.rpm SHA-256: 3d3840c56c2a463b00bf29e67967885aeb330986b5b0ced057b20e3e3786b748 ppc64le xorg-x11-server-Xwayland-21.1.3-10.el9_2.ppc64le.rpm SHA-256: 621305f40b7d6b35b432509d7bc92dd9ff8bd18e5f6b3772aeb56269da22341a xorg-x11-server-Xwayland-debuginfo-21.1.3-10.el9_2.ppc64le.rpm SHA-256: 805883a3c10b198e3a251f56ab95cd38124f47025853b24a7fe29b147464a86c xorg-x11-server-Xwayland-debugsource-21.1.3-10.el9_2.ppc64le.rpm SHA-256: dc5252dbb8e649eb1ebf6df37ba187e4e318ef7084786ac6ff5525e840267447 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 SRPM xorg-x11-server-Xwayland-21.1.3-10.el9_2.src.rpm SHA-256: 3d3840c56c2a463b00bf29e67967885aeb330986b5b0ced057b20e3e3786b748 x86_64 xorg-x11-server-Xwayland-21.1.3-10.el9_2.x86_64.rpm SHA-256: 200934bd6afb91d91227e8e57f2992295b2e7e03026c97301edf5ef541442a27 xorg-x11-server-Xwayland-debuginfo-21.1.3-10.el9_2.x86_64.rpm SHA-256: 35b2819ced4d38cde1740563ab4217c33b7256aa32c4141eea087bab7edf444f xorg-x11-server-Xwayland-debugsource-21.1.3-10.el9_2.x86_64.rpm SHA-256: d481ffec26fc1c3d727d9ff89032480ab743f09c54c2d18cdaeaa33a179c7428 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 SRPM xorg-x11-server-Xwayland-21.1.3-10.el9_2.src.rpm SHA-256: 3d3840c56c2a463b00bf29e67967885aeb330986b5b0ced057b20e3e3786b748 aarch64 xorg-x11-server-Xwayland-21.1.3-10.el9_2.aarch64.rpm SHA-256: 56fb7ed2ea9425ddb8c7290613fa9b878fd1d8624f01499043e82b0454527a40 xorg-x11-server-Xwayland-debuginfo-21.1.3-10.el9_2.aarch64.rpm SHA-256: 8bad44fdeadb2b98dd6722e80847b186ed5155bb85c80b163963496f712d7644 xorg-x11-server-Xwayland-debugsource-21.1.3-10.el9_2.aarch64.rpm SHA-256: d7c7785859ed49da578372313cce13d105884458b878ba3066e2350a18bffb4b Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 SRPM xorg-x11-server-Xwayland-21.1.3-10.el9_2.src.rpm SHA-256: 3d3840c56c2a463b00bf29e67967885aeb330986b5b0ced057b20e3e3786b748 s390x xorg-x11-server-Xwayland-21.1.3-10.el9_2.s390x.rpm SHA-256: 8ca4d268f4e3697c808771f9a912ecc8e6eda483d6c5c6781d7e11ddb1b6aa50 xorg-x11-server-Xwayland-debuginfo-21.1.3-10.el9_2.s390x.rpm SHA-256: 0d07d8b1f1e500540eaaa68cce497922b10cd0c93a42662d93f8443ace0bbd2b xorg-x11-server-Xwayland-debugsource-21.1.3-10.el9_2.s390x.rpm SHA-256: 80ca48a639f7df25400236f2f09e5a82621819108c9097d6d18d1cac75a0156b Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2 SRPM xorg-x11-server-Xwayland-21.1.3-10.el9_2.src.rpm SHA-256: 3d3840c56c2a463b00bf29e67967885aeb330986b5b0ced057b20e3e3786b748 x86_64 xorg-x11-server-Xwayland-21.1.3-10.el9_2.x86_64.rpm SHA-256: 200934bd6afb91d91227e8e57f2992295b2e7e03026c97301edf5ef541442a27 xorg-x11-server-Xwayland-debuginfo-21.1.3-10.el9_2.x86_64.rpm SHA-256: 35b2819ced4d38cde1740563ab4217c33b7256aa32c4141eea087bab7edf444f xorg-x11-server-Xwayland-debugsource-21.1.3-10.el9_2.x86_64.rpm SHA-256: d481ffec26fc1c3d727d9ff89032480ab743f09c54c2d18cdaeaa33a179c7428 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.2 SRPM xorg-x11-server-Xwayland-21.1.3-10.el9_2.src.rpm SHA-256: 3d3840c56c2a463b00bf29e67967885aeb330986b5b0ced057b20e3e3786b748 aarch64 xorg-x11-server-Xwayland-21.1.3-10.el9_2.aarch64.rpm SHA-256: 56fb7ed2ea9425ddb8c7290613fa9b878fd1d8624f01499043e82b0454527a40 xorg-x11-server-Xwayland-debuginfo-21.1.3-10.el9_2.aarch64.rpm SHA-256: 8bad44fdeadb2b98dd6722e80847b186ed5155bb85c80b163963496f712d7644 xorg-x11-server-Xwayland-debugsource-21.1.3-10.el9_2.aarch64.rpm SHA-256: d7c7785859ed49da578372313cce13d105884458b878ba3066e2350a18bffb4b Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.2 SRPM xorg-x11-server-Xwayland-21.1.3-10.el9_2.src.rpm SHA-256: 3d3840c56c2a463b00bf29e67967885aeb330986b5b0ced057b20e3e3786b748 ppc64le xorg-x11-server-Xwayland-21.1.3-10.el9_2.ppc64le.rpm SHA-256: 621305f40b7d6b35b432509d7bc92dd9ff8bd18e5f6b3772aeb56269da22341a xorg-x11-server-Xwayland-debuginfo-21.1.3-10.el9_2.ppc64le.rpm SHA-256: 805883a3c10b198e3a251f56ab95cd38124f47025853b24a7fe29b147464a86c xorg-x11-server-Xwayland-debugsource-21.1.3-10.el9_2.ppc64le.rpm SHA-256: dc5252dbb8e649eb1ebf6df37ba187e4e318ef7084786ac6ff5525e840267447 Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.2 SRPM xorg-x11-server-Xwayland-21.1.3-10.el9_2.src.rpm SHA-256: 3d3840c56c2a463b00bf29e67967885aeb330986b5b0ced057b20e3e3786b748 s390x xorg-x11-server-Xwayland-21.1.3-10.el9_2.s390x.rpm SHA-256: 8ca4d268f4e3697c808771f9a912ecc8e6eda483d6c5c6781d7e11ddb1b6aa50 xorg-x11-server-Xwayland-debuginfo-21.1.3-10.el9_2.s390x.rpm SHA-256: 0d07d8b1f1e500540eaaa68cce497922b10cd0c93a42662d93f8443ace0bbd2b xorg-x11-server-Xwayland-debugsource-21.1.3-10.el9_2.s390x.rpm SHA-256: 80ca48a639f7df25400236f2f09e5a82621819108c9097d6d18d1cac75a0156b The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .