[ALSA-2026:26590] Important: xorg-x11-server-Xwayland security, bug fix, and enhancement update
Type:
security
Severity:
important
Release date:
2026-07-02
Description:
Xwayland is an X server for running X clients under Wayland. Security Fix(es): * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch (CVE-2026-50256) * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence() (CVE-2026-50257) * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB key types due to unchecked shift levels (CVE-2026-50258) * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing (CVE-2026-50259) * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter() (CVE-2026-50260) * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter() (CVE-2026-50261) * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds read/write in GLX ChangeDrawableAttributes (CVE-2026-50262) * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free information disclosure in CreateSaverWindow() (CVE-2026-50263) * xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds heap write in DRI2 DRIGetBuffers/DRIGetBuffersWithFormat (CVE-2026-50264) Bug Fix(es) and Enhancement(s): * [xwayland] Backport other security fixes without a CVE assigned [almalinux-9.8.z] (JIRA:AlmaLinux-184292) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 xorg-x11-server-Xwayland-devel-24.1.9-4.el9_8.2.aarch64.rpm 0b6e73157c21b8388d5471876f22a717d93b8bb95939843272affaebb01cbcfd
aarch64 xorg-x11-server-Xwayland-24.1.9-4.el9_8.2.aarch64.rpm 87b14279a6821ca63a67fd65aec9338aa71366a43b5f35eb6e88a1b72cf88ba7
i686 xorg-x11-server-Xwayland-devel-24.1.9-4.el9_8.2.i686.rpm 2219ba0a722cb593e68929bd672ca72f8dc3cb07f6c7802d136e561bbb54f5f6
i686 xorg-x11-server-Xwayland-24.1.9-4.el9_8.2.i686.rpm 4a54f78a9c1efdb44f1fb4832f46bbe13de8f277fdfa66739ef210e6a9f3023d
ppc64le xorg-x11-server-Xwayland-devel-24.1.9-4.el9_8.2.ppc64le.rpm 829275539a5badd70282fb8f43343913d1a96c6372df0f99bf4ce908a554733f
ppc64le xorg-x11-server-Xwayland-24.1.9-4.el9_8.2.ppc64le.rpm 9ecdc517ed4d9420a8b56d5e5c348e1068e3bbabdf6e111a5a56067034950841
s390x xorg-x11-server-Xwayland-24.1.9-4.el9_8.2.s390x.rpm c538a5b9daa607331ebc6abbd033d45e2485edd16a05516daf2acebe27a90833
s390x xorg-x11-server-Xwayland-devel-24.1.9-4.el9_8.2.s390x.rpm de9911def1fb22db2b04cd5068444aa7f38fd10a769c82c2d6df7e68e338113d
x86_64 xorg-x11-server-Xwayland-24.1.9-4.el9_8.2.x86_64.rpm 5b688f603b556f88c781179adf8045775e86ab7d2aa04c647d0ea57dac0dc8ee
x86_64 xorg-x11-server-Xwayland-devel-24.1.9-4.el9_8.2.x86_64.rpm 920e507158ac9ddb5a67b4eb9a800328c0b1b17052d30aff02e9f14e187c0fdc
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.