[ALSA-2026:26562] Important: xorg-x11-server-Xwayland security, bug fix, and enhancement update
Type:
security
Severity:
important
Release date:
2026-06-17
Description:
Xwayland is an X server for running X clients under Wayland. Security Fix(es): * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch (CVE-2026-50256) * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence() (CVE-2026-50257) * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB key types due to unchecked shift levels (CVE-2026-50258) * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing (CVE-2026-50259) * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter() (CVE-2026-50260) * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter() (CVE-2026-50261) * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds read/write in GLX ChangeDrawableAttributes (CVE-2026-50262) * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free information disclosure in CreateSaverWindow() (CVE-2026-50263) * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds heap write in DRI2 DRIGetBuffers/DRIGetBuffersWithFormat (CVE-2026-50264) Bug Fix(es) and Enhancement(s): * [xwayland] Backport other security fixes without a CVE assigned [almalinux-8.10.z] (JIRA:AlmaLinux-184293) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 xorg-x11-server-Xwayland-21.1.3-20.el8_10.2.aarch64.rpm 9cb251e18c88f9de5f5f7b55552cf9283482bb28a1ea9db416362506fe650074
ppc64le xorg-x11-server-Xwayland-21.1.3-20.el8_10.2.ppc64le.rpm 3631575864bb019a483e9b44e58b435a63257de9617bb9c9c73ccd03abdb540b
s390x xorg-x11-server-Xwayland-21.1.3-20.el8_10.2.s390x.rpm cb5275b6886b33f422ffb982b2a79912ead661608e8519c15844979169ebedec
x86_64 xorg-x11-server-Xwayland-21.1.3-20.el8_10.2.x86_64.rpm 5b6a1d31151d4ea6b87695a407717a1b13ceff9f67b1f5acbb3c33eba36a8e61
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.