Red Hat Product Errata RHSA-2026:0031 - Security Advisory
Issued:
2026-01-05
Updated:
2026-01-05

RHSA-2026:0031 - Security Advisory

Synopsis

Moderate: xorg-x11-server-Xwayland security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Xwayland is an X server for running X clients under Wayland.

Security Fix(es):

  • xorg: xmayland: Use-after-free in XPresentNotify structure creation (CVE-2025-62229)
  • xorg: xwayland: Use-after-free in Xkb client resource removal (CVE-2025-62230)
  • xorg: xmayland: Value overflow in XkbSetCompatMap() (CVE-2025-62231)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.4 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x

Fixes

  • BZ - 2402649 - CVE-2025-62229 xorg: xmayland: Use-after-free in XPresentNotify structure creation
  • BZ - 2402653 - CVE-2025-62230 xorg: xwayland: Use-after-free in Xkb client resource removal
  • BZ - 2402660 - CVE-2025-62231 xorg: xmayland: Value overflow in XkbSetCompatMap()

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4

SRPM
xorg-x11-server-Xwayland-22.1.9-7.el9_4.src.rpm SHA-256: b129020d5127960c292a53401fdd850a950820c916c343d43a679890a27ef733
x86_64
xorg-x11-server-Xwayland-22.1.9-7.el9_4.x86_64.rpm SHA-256: afd6573832fb52caa0170d16bf625d06c841b7ac058f33a93224e9e98e0cbfcf
xorg-x11-server-Xwayland-debuginfo-22.1.9-7.el9_4.x86_64.rpm SHA-256: d6381e66dacf1e0110f9f69acc2eb7053ec9182703b3295a44868986126961b8
xorg-x11-server-Xwayland-debugsource-22.1.9-7.el9_4.x86_64.rpm SHA-256: a306f731c1a8f22e2e1add7d10f8cc8f070f6affe84e5bed0b6b755e0f580d72

Red Hat Enterprise Linux Server - AUS 9.4

SRPM
xorg-x11-server-Xwayland-22.1.9-7.el9_4.src.rpm SHA-256: b129020d5127960c292a53401fdd850a950820c916c343d43a679890a27ef733
x86_64
xorg-x11-server-Xwayland-22.1.9-7.el9_4.x86_64.rpm SHA-256: afd6573832fb52caa0170d16bf625d06c841b7ac058f33a93224e9e98e0cbfcf
xorg-x11-server-Xwayland-debuginfo-22.1.9-7.el9_4.x86_64.rpm SHA-256: d6381e66dacf1e0110f9f69acc2eb7053ec9182703b3295a44868986126961b8
xorg-x11-server-Xwayland-debugsource-22.1.9-7.el9_4.x86_64.rpm SHA-256: a306f731c1a8f22e2e1add7d10f8cc8f070f6affe84e5bed0b6b755e0f580d72

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4

SRPM
xorg-x11-server-Xwayland-22.1.9-7.el9_4.src.rpm SHA-256: b129020d5127960c292a53401fdd850a950820c916c343d43a679890a27ef733
s390x
xorg-x11-server-Xwayland-22.1.9-7.el9_4.s390x.rpm SHA-256: 76a31a157dd4df5ccc65efd8bb3086d3b78d012cf2f881ce5c5fd67feed01fda
xorg-x11-server-Xwayland-debuginfo-22.1.9-7.el9_4.s390x.rpm SHA-256: b005af6522da36565fd82a2b7372468c4e067ee83550f1dea7d1f39ac048763e
xorg-x11-server-Xwayland-debugsource-22.1.9-7.el9_4.s390x.rpm SHA-256: 69e762c296d97e75f30c28fd3192b18a70ed1a93d64e27caddd52b97c211bd02

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4

SRPM
xorg-x11-server-Xwayland-22.1.9-7.el9_4.src.rpm SHA-256: b129020d5127960c292a53401fdd850a950820c916c343d43a679890a27ef733
ppc64le
xorg-x11-server-Xwayland-22.1.9-7.el9_4.ppc64le.rpm SHA-256: 49fe2deede981cd6e76d115230007ee384ed7a22c9b874eef5a5955ae61042ad
xorg-x11-server-Xwayland-debuginfo-22.1.9-7.el9_4.ppc64le.rpm SHA-256: bba195757dab12878dc54446400009efc45e174cb0a83568cc44fe9fb211cec1
xorg-x11-server-Xwayland-debugsource-22.1.9-7.el9_4.ppc64le.rpm SHA-256: 60ee379ddba0500bd3dbec287c041ed3e7ad21b3bd01f9ea2714aec4449a7bf6

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4

SRPM
xorg-x11-server-Xwayland-22.1.9-7.el9_4.src.rpm SHA-256: b129020d5127960c292a53401fdd850a950820c916c343d43a679890a27ef733
aarch64
xorg-x11-server-Xwayland-22.1.9-7.el9_4.aarch64.rpm SHA-256: 70f75ed0244c28151799a134603bfca89fa86eed77dd2482bc5c65e237cd874e
xorg-x11-server-Xwayland-debuginfo-22.1.9-7.el9_4.aarch64.rpm SHA-256: 8e1321bfd9e0f3a295fc8e563d03634289cb4b22b59eff1d2fcc926e06c2649d
xorg-x11-server-Xwayland-debugsource-22.1.9-7.el9_4.aarch64.rpm SHA-256: 923b15be126d0dc6fdf33e423e65a6a929dbbaadb59a40b110ec24effb570abe

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4

SRPM
xorg-x11-server-Xwayland-22.1.9-7.el9_4.src.rpm SHA-256: b129020d5127960c292a53401fdd850a950820c916c343d43a679890a27ef733
ppc64le
xorg-x11-server-Xwayland-22.1.9-7.el9_4.ppc64le.rpm SHA-256: 49fe2deede981cd6e76d115230007ee384ed7a22c9b874eef5a5955ae61042ad
xorg-x11-server-Xwayland-debuginfo-22.1.9-7.el9_4.ppc64le.rpm SHA-256: bba195757dab12878dc54446400009efc45e174cb0a83568cc44fe9fb211cec1
xorg-x11-server-Xwayland-debugsource-22.1.9-7.el9_4.ppc64le.rpm SHA-256: 60ee379ddba0500bd3dbec287c041ed3e7ad21b3bd01f9ea2714aec4449a7bf6

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4

SRPM
xorg-x11-server-Xwayland-22.1.9-7.el9_4.src.rpm SHA-256: b129020d5127960c292a53401fdd850a950820c916c343d43a679890a27ef733
x86_64
xorg-x11-server-Xwayland-22.1.9-7.el9_4.x86_64.rpm SHA-256: afd6573832fb52caa0170d16bf625d06c841b7ac058f33a93224e9e98e0cbfcf
xorg-x11-server-Xwayland-debuginfo-22.1.9-7.el9_4.x86_64.rpm SHA-256: d6381e66dacf1e0110f9f69acc2eb7053ec9182703b3295a44868986126961b8
xorg-x11-server-Xwayland-debugsource-22.1.9-7.el9_4.x86_64.rpm SHA-256: a306f731c1a8f22e2e1add7d10f8cc8f070f6affe84e5bed0b6b755e0f580d72

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4

SRPM
xorg-x11-server-Xwayland-22.1.9-7.el9_4.src.rpm SHA-256: b129020d5127960c292a53401fdd850a950820c916c343d43a679890a27ef733
aarch64
xorg-x11-server-Xwayland-22.1.9-7.el9_4.aarch64.rpm SHA-256: 70f75ed0244c28151799a134603bfca89fa86eed77dd2482bc5c65e237cd874e
xorg-x11-server-Xwayland-debuginfo-22.1.9-7.el9_4.aarch64.rpm SHA-256: 8e1321bfd9e0f3a295fc8e563d03634289cb4b22b59eff1d2fcc926e06c2649d
xorg-x11-server-Xwayland-debugsource-22.1.9-7.el9_4.aarch64.rpm SHA-256: 923b15be126d0dc6fdf33e423e65a6a929dbbaadb59a40b110ec24effb570abe

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4

SRPM
xorg-x11-server-Xwayland-22.1.9-7.el9_4.src.rpm SHA-256: b129020d5127960c292a53401fdd850a950820c916c343d43a679890a27ef733
s390x
xorg-x11-server-Xwayland-22.1.9-7.el9_4.s390x.rpm SHA-256: 76a31a157dd4df5ccc65efd8bb3086d3b78d012cf2f881ce5c5fd67feed01fda
xorg-x11-server-Xwayland-debuginfo-22.1.9-7.el9_4.s390x.rpm SHA-256: b005af6522da36565fd82a2b7372468c4e067ee83550f1dea7d1f39ac048763e
xorg-x11-server-Xwayland-debugsource-22.1.9-7.el9_4.s390x.rpm SHA-256: 69e762c296d97e75f30c28fd3192b18a70ed1a93d64e27caddd52b97c211bd02

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.