Overview
- Red Hat
- Red Hat Enterprise Linux 10
- xorg-x11-server-Xwayland
Published: 05 Jun 2026
Updated: 25 Jun 2026
CVSS: Pending
EPSS: 0.16%
KEV
Description
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. _XkbSetMapChecks() declares a fixed-size stack buffer mapWidths[256] indexed by key type index. The helper function CheckKeyTypes() writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This may be used to crash the server, or for privilege escalation if the X server runs as root.
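The bug class described above, as an added example: a simplified model written for this page, not the X.Org source. The struct, the function names and the sample requests are hypothetical; only the 256-entry buffer size comes from the description. It contrasts a write loop that trusts a client-supplied index range with one that validates the whole range before the first write.

```c
#include <stdint.h>
#include <stdio.h>
#define MAP_WIDTHS_LEN 256  /* mapWidths[256], per the description */

/* Hypothetical, simplified request: `count` key types starting at `first`. */
struct type_update {
    uint16_t first;         /* client-supplied first key type index */
    uint16_t count;         /* client-supplied number of key types */
    const uint8_t *widths;  /* `count` entries, one width per key type */
};

/* Unchecked pattern, for contrast: first + i can run past the buffer end. */
void record_widths_unchecked(uint8_t *map_widths, const struct type_update *u) {
    for (size_t i = 0; i < u->count; i++)
        map_widths[u->first + i] = u->widths[i];
}

/* Checked pattern: validate the whole range before the first write.
 * Returns 0 on success, -1 if any index would fall outside the buffer. */
int record_widths_checked(uint8_t *map_widths, size_t len,
                          const struct type_update *u) {
    if (u->first >= len || u->count > len - u->first)
        return -1;          /* subtraction form cannot wrap around */
    for (size_t i = 0; i < u->count; i++)
        map_widths[u->first + i] = u->widths[i];
    return 0;
}

/* Runs three constructed requests through the checked path and returns how
 * many were rejected; *last receives the final buffer slot. */
int demo(uint8_t *last) {
    uint8_t map_widths[MAP_WIDTHS_LEN] = {0};
    uint8_t widths[8] = {4, 4, 4, 4, 4, 4, 4, 4};
    struct type_update reqs[] = {
        {250, 6, widths},   /* indices 250..255: fits exactly */
        {250, 7, widths},   /* index 256: one past the end */
        {300, 1, widths},   /* starts outside the buffer */
    };
    int rejected = 0;
    for (size_t i = 0; i < sizeof reqs / sizeof reqs[0]; i++)
        rejected += record_widths_checked(map_widths, sizeof map_widths, &reqs[i]) != 0;
    *last = map_widths[255];
    return rejected;
}

int main(void) {
    uint8_t last;
    int rejected = demo(&last);
    printf("rejected=%d last=%d\n", rejected, last);
    return 0;
}
```

Rejecting the request outright, rather than truncating the count, means a malformed request never results in a partial write.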
Statistics
- 1 Post
Last activity: 10 hours ago
Fediverse
Ten CVEs fixed in patched xorg-xserver now available for Debian stable (trixie):
* sync: fix deletion of counters and fences (CVE-2026-50257, CVE-2026-50260) (Closes: #1138680)
* sync: restart trigger list iteration in SyncChangeCounter after TriggerFired (CVE-2026-50261) (Closes: #1138680)
* xkb: reject key types with num_levels exceeding XkbMaxShiftLevel (CVE-2026-50258) (Closes: #1138680)
* xkb: clamp nMaps to mapWidths buffer size in CheckKeyTypes (CVE-2026-50259) (Closes: #1138680)
...