Issued:: 2026-05-26
Updated:: 2026-05-26

RHSA-2026:20561 - Security Advisory

Overview
Updated Packages

Synopsis

Important: xorg-x11-server-Xwayland security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Xwayland is an X server for running X clients under Wayland.

Security Fix(es):

xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling (CVE-2026-33999)
xwayland: xorg: X.Org X server: Information disclosure and denial of service via out-of-bounds read in XKB geometry processing. (CVE-2026-34000)
xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption (CVE-2026-34001)
xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling (CVE-2026-34002)
xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access (CVE-2026-34003)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
Red Hat Enterprise Linux Server - AUS 9.6 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.6 x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.6 ppc64le
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.6 s390x
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.6 aarch64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 aarch64
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6 ppc64le
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6 s390x

Fixes

BZ - 2451106 - CVE-2026-33999 xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling
BZ - 2451107 - CVE-2026-34000 xwayland: xorg: X.Org X server: Information disclosure and denial of service via out-of-bounds read in XKB geometry processing.
BZ - 2451109 - CVE-2026-34001 xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption
BZ - 2451112 - CVE-2026-34002 xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling
BZ - 2451113 - CVE-2026-34003 xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6

SRPM
xorg-x11-server-Xwayland-23.2.7-6.el9_6.src.rpm	SHA-256: 72fece538b8a8ac1d5bea6dcb843ef90a9dfc2b349a13c49a291e606b78d80a4
x86_64
xorg-x11-server-Xwayland-23.2.7-6.el9_6.x86_64.rpm	SHA-256: 3e34af71b1927091fbb35b766fe94d6123958953e56eedc79961002bee569903
xorg-x11-server-Xwayland-debuginfo-23.2.7-6.el9_6.x86_64.rpm	SHA-256: aceebc9396e95ab29a86e8c7ffc94fd8bc628b759562d6e8d2b887a51052dc01
xorg-x11-server-Xwayland-debugsource-23.2.7-6.el9_6.x86_64.rpm	SHA-256: d79dc4399b615bb769f4840e2d7b30443a0898af8d5914b23c7e9ca729d13775

Red Hat Enterprise Linux Server - AUS 9.6

SRPM
xorg-x11-server-Xwayland-23.2.7-6.el9_6.src.rpm	SHA-256: 72fece538b8a8ac1d5bea6dcb843ef90a9dfc2b349a13c49a291e606b78d80a4
x86_64
xorg-x11-server-Xwayland-23.2.7-6.el9_6.x86_64.rpm	SHA-256: 3e34af71b1927091fbb35b766fe94d6123958953e56eedc79961002bee569903
xorg-x11-server-Xwayland-debuginfo-23.2.7-6.el9_6.x86_64.rpm	SHA-256: aceebc9396e95ab29a86e8c7ffc94fd8bc628b759562d6e8d2b887a51052dc01
xorg-x11-server-Xwayland-debugsource-23.2.7-6.el9_6.x86_64.rpm	SHA-256: d79dc4399b615bb769f4840e2d7b30443a0898af8d5914b23c7e9ca729d13775

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6

SRPM
xorg-x11-server-Xwayland-23.2.7-6.el9_6.src.rpm	SHA-256: 72fece538b8a8ac1d5bea6dcb843ef90a9dfc2b349a13c49a291e606b78d80a4
s390x
xorg-x11-server-Xwayland-23.2.7-6.el9_6.s390x.rpm	SHA-256: 2f92f6d3023533949e6ae22c16ebcd89c5f7039299469dc43816654bcff6b949
xorg-x11-server-Xwayland-debuginfo-23.2.7-6.el9_6.s390x.rpm	SHA-256: 59bd59c349ff9c1a9c6145f88174ecf3846dd0a355243f9b4d9f0c86cb045832
xorg-x11-server-Xwayland-debugsource-23.2.7-6.el9_6.s390x.rpm	SHA-256: d339a30fddaf6876415dc9f44516bc2cc8b66687d28b4857c7476eeddb89547e

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6

SRPM
xorg-x11-server-Xwayland-23.2.7-6.el9_6.src.rpm	SHA-256: 72fece538b8a8ac1d5bea6dcb843ef90a9dfc2b349a13c49a291e606b78d80a4
ppc64le
xorg-x11-server-Xwayland-23.2.7-6.el9_6.ppc64le.rpm	SHA-256: 359e8c4a7b008f1d20e48cc2ac467ac9925a583af2471e11e1bbdfa0b27ab445
xorg-x11-server-Xwayland-debuginfo-23.2.7-6.el9_6.ppc64le.rpm	SHA-256: a9d54ad50dba5f26ea672721165ced9909887e30c664a8885ddc2122b7b824aa
xorg-x11-server-Xwayland-debugsource-23.2.7-6.el9_6.ppc64le.rpm	SHA-256: 9b71101938eaef9f2e4acaa2b40508bfcada26330611b05c60807a8e92f724e8

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6

SRPM
xorg-x11-server-Xwayland-23.2.7-6.el9_6.src.rpm	SHA-256: 72fece538b8a8ac1d5bea6dcb843ef90a9dfc2b349a13c49a291e606b78d80a4
aarch64
xorg-x11-server-Xwayland-23.2.7-6.el9_6.aarch64.rpm	SHA-256: 2fd545660393fc417d18aed172759728d9330ec50996bbc47d3b26be1e924607
xorg-x11-server-Xwayland-debuginfo-23.2.7-6.el9_6.aarch64.rpm	SHA-256: 73917996e7c11261c5ee82ee591fecb1a4760773f5e31141088af3ad974a3966
xorg-x11-server-Xwayland-debugsource-23.2.7-6.el9_6.aarch64.rpm	SHA-256: 47d9a548c668ee37461e116bc6b4b00f7bb0740fcd45d57088828a8ad0aaefe9

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6

SRPM
xorg-x11-server-Xwayland-23.2.7-6.el9_6.src.rpm	SHA-256: 72fece538b8a8ac1d5bea6dcb843ef90a9dfc2b349a13c49a291e606b78d80a4
ppc64le
xorg-x11-server-Xwayland-23.2.7-6.el9_6.ppc64le.rpm	SHA-256: 359e8c4a7b008f1d20e48cc2ac467ac9925a583af2471e11e1bbdfa0b27ab445
xorg-x11-server-Xwayland-debuginfo-23.2.7-6.el9_6.ppc64le.rpm	SHA-256: a9d54ad50dba5f26ea672721165ced9909887e30c664a8885ddc2122b7b824aa
xorg-x11-server-Xwayland-debugsource-23.2.7-6.el9_6.ppc64le.rpm	SHA-256: 9b71101938eaef9f2e4acaa2b40508bfcada26330611b05c60807a8e92f724e8

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6

SRPM
xorg-x11-server-Xwayland-23.2.7-6.el9_6.src.rpm	SHA-256: 72fece538b8a8ac1d5bea6dcb843ef90a9dfc2b349a13c49a291e606b78d80a4
x86_64
xorg-x11-server-Xwayland-23.2.7-6.el9_6.x86_64.rpm	SHA-256: 3e34af71b1927091fbb35b766fe94d6123958953e56eedc79961002bee569903
xorg-x11-server-Xwayland-debuginfo-23.2.7-6.el9_6.x86_64.rpm	SHA-256: aceebc9396e95ab29a86e8c7ffc94fd8bc628b759562d6e8d2b887a51052dc01
xorg-x11-server-Xwayland-debugsource-23.2.7-6.el9_6.x86_64.rpm	SHA-256: d79dc4399b615bb769f4840e2d7b30443a0898af8d5914b23c7e9ca729d13775

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.6

SRPM
x86_64
xorg-x11-server-Xwayland-23.2.7-6.el9_6.i686.rpm	SHA-256: f817c729f81929b642ae8cd040a8014bc4fec0403ec1b6eb5f5dd27360377930
xorg-x11-server-Xwayland-debuginfo-23.2.7-6.el9_6.i686.rpm	SHA-256: c0da77d60b76c7fd45d5e1eca7ccf8fa5ff6874d402b4799bf0cb69faee2a9d4
xorg-x11-server-Xwayland-debuginfo-23.2.7-6.el9_6.x86_64.rpm	SHA-256: aceebc9396e95ab29a86e8c7ffc94fd8bc628b759562d6e8d2b887a51052dc01
xorg-x11-server-Xwayland-debugsource-23.2.7-6.el9_6.i686.rpm	SHA-256: 36539be915d086ef60f38916457c1ebcac53fadd811e51d4377a4220ab8248a7
xorg-x11-server-Xwayland-debugsource-23.2.7-6.el9_6.x86_64.rpm	SHA-256: d79dc4399b615bb769f4840e2d7b30443a0898af8d5914b23c7e9ca729d13775
xorg-x11-server-Xwayland-devel-23.2.7-6.el9_6.i686.rpm	SHA-256: f96e0bb95e0103ba6a08504e771f2d52c2ce37d8010f41d718c42849c18ddf1b
xorg-x11-server-Xwayland-devel-23.2.7-6.el9_6.x86_64.rpm	SHA-256: ef92734e13ba2f4b3f5e62593a3d63b319680c4bae2f5625d8ec8cc74037d12e

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.6

SRPM
ppc64le
xorg-x11-server-Xwayland-debuginfo-23.2.7-6.el9_6.ppc64le.rpm	SHA-256: a9d54ad50dba5f26ea672721165ced9909887e30c664a8885ddc2122b7b824aa
xorg-x11-server-Xwayland-debugsource-23.2.7-6.el9_6.ppc64le.rpm	SHA-256: 9b71101938eaef9f2e4acaa2b40508bfcada26330611b05c60807a8e92f724e8
xorg-x11-server-Xwayland-devel-23.2.7-6.el9_6.ppc64le.rpm	SHA-256: 86edb7ffc36f32c943dc28eb8b4b5238148891534094320a0ac6e90d06218a98

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.6

SRPM
s390x
xorg-x11-server-Xwayland-debuginfo-23.2.7-6.el9_6.s390x.rpm	SHA-256: 59bd59c349ff9c1a9c6145f88174ecf3846dd0a355243f9b4d9f0c86cb045832
xorg-x11-server-Xwayland-debugsource-23.2.7-6.el9_6.s390x.rpm	SHA-256: d339a30fddaf6876415dc9f44516bc2cc8b66687d28b4857c7476eeddb89547e
xorg-x11-server-Xwayland-devel-23.2.7-6.el9_6.s390x.rpm	SHA-256: ae13764a34b3916a7b83425be9252fe663fe99956bfbb6a44a09553135a233d8

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.6

SRPM
aarch64
xorg-x11-server-Xwayland-debuginfo-23.2.7-6.el9_6.aarch64.rpm	SHA-256: 73917996e7c11261c5ee82ee591fecb1a4760773f5e31141088af3ad974a3966
xorg-x11-server-Xwayland-debugsource-23.2.7-6.el9_6.aarch64.rpm	SHA-256: 47d9a548c668ee37461e116bc6b4b00f7bb0740fcd45d57088828a8ad0aaefe9
xorg-x11-server-Xwayland-devel-23.2.7-6.el9_6.aarch64.rpm	SHA-256: b9f65086ccabe7667e43b0da4ed17f6531f0a3fc0d95a3f4f484cf5c7c559644

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6

SRPM
xorg-x11-server-Xwayland-23.2.7-6.el9_6.src.rpm	SHA-256: 72fece538b8a8ac1d5bea6dcb843ef90a9dfc2b349a13c49a291e606b78d80a4
aarch64
xorg-x11-server-Xwayland-23.2.7-6.el9_6.aarch64.rpm	SHA-256: 2fd545660393fc417d18aed172759728d9330ec50996bbc47d3b26be1e924607
xorg-x11-server-Xwayland-debuginfo-23.2.7-6.el9_6.aarch64.rpm	SHA-256: 73917996e7c11261c5ee82ee591fecb1a4760773f5e31141088af3ad974a3966
xorg-x11-server-Xwayland-debugsource-23.2.7-6.el9_6.aarch64.rpm	SHA-256: 47d9a548c668ee37461e116bc6b4b00f7bb0740fcd45d57088828a8ad0aaefe9

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6

SRPM
xorg-x11-server-Xwayland-23.2.7-6.el9_6.src.rpm	SHA-256: 72fece538b8a8ac1d5bea6dcb843ef90a9dfc2b349a13c49a291e606b78d80a4
s390x
xorg-x11-server-Xwayland-23.2.7-6.el9_6.s390x.rpm	SHA-256: 2f92f6d3023533949e6ae22c16ebcd89c5f7039299469dc43816654bcff6b949
xorg-x11-server-Xwayland-debuginfo-23.2.7-6.el9_6.s390x.rpm	SHA-256: 59bd59c349ff9c1a9c6145f88174ecf3846dd0a355243f9b4d9f0c86cb045832
xorg-x11-server-Xwayland-debugsource-23.2.7-6.el9_6.s390x.rpm	SHA-256: d339a30fddaf6876415dc9f44516bc2cc8b66687d28b4857c7476eeddb89547e

Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6

SRPM
xorg-x11-server-Xwayland-23.2.7-6.el9_6.src.rpm	SHA-256: 72fece538b8a8ac1d5bea6dcb843ef90a9dfc2b349a13c49a291e606b78d80a4
x86_64
xorg-x11-server-Xwayland-23.2.7-6.el9_6.x86_64.rpm	SHA-256: 3e34af71b1927091fbb35b766fe94d6123958953e56eedc79961002bee569903
xorg-x11-server-Xwayland-debuginfo-23.2.7-6.el9_6.x86_64.rpm	SHA-256: aceebc9396e95ab29a86e8c7ffc94fd8bc628b759562d6e8d2b887a51052dc01
xorg-x11-server-Xwayland-debugsource-23.2.7-6.el9_6.x86_64.rpm	SHA-256: d79dc4399b615bb769f4840e2d7b30443a0898af8d5914b23c7e9ca729d13775

Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6

SRPM
xorg-x11-server-Xwayland-23.2.7-6.el9_6.src.rpm	SHA-256: 72fece538b8a8ac1d5bea6dcb843ef90a9dfc2b349a13c49a291e606b78d80a4
aarch64
xorg-x11-server-Xwayland-23.2.7-6.el9_6.aarch64.rpm	SHA-256: 2fd545660393fc417d18aed172759728d9330ec50996bbc47d3b26be1e924607
xorg-x11-server-Xwayland-debuginfo-23.2.7-6.el9_6.aarch64.rpm	SHA-256: 73917996e7c11261c5ee82ee591fecb1a4760773f5e31141088af3ad974a3966
xorg-x11-server-Xwayland-debugsource-23.2.7-6.el9_6.aarch64.rpm	SHA-256: 47d9a548c668ee37461e116bc6b4b00f7bb0740fcd45d57088828a8ad0aaefe9

Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6

SRPM
xorg-x11-server-Xwayland-23.2.7-6.el9_6.src.rpm	SHA-256: 72fece538b8a8ac1d5bea6dcb843ef90a9dfc2b349a13c49a291e606b78d80a4
ppc64le
xorg-x11-server-Xwayland-23.2.7-6.el9_6.ppc64le.rpm	SHA-256: 359e8c4a7b008f1d20e48cc2ac467ac9925a583af2471e11e1bbdfa0b27ab445
xorg-x11-server-Xwayland-debuginfo-23.2.7-6.el9_6.ppc64le.rpm	SHA-256: a9d54ad50dba5f26ea672721165ced9909887e30c664a8885ddc2122b7b824aa
xorg-x11-server-Xwayland-debugsource-23.2.7-6.el9_6.ppc64le.rpm	SHA-256: 9b71101938eaef9f2e4acaa2b40508bfcada26330611b05c60807a8e92f724e8

Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6

SRPM
xorg-x11-server-Xwayland-23.2.7-6.el9_6.src.rpm	SHA-256: 72fece538b8a8ac1d5bea6dcb843ef90a9dfc2b349a13c49a291e606b78d80a4
s390x
xorg-x11-server-Xwayland-23.2.7-6.el9_6.s390x.rpm	SHA-256: 2f92f6d3023533949e6ae22c16ebcd89c5f7039299469dc43816654bcff6b949
xorg-x11-server-Xwayland-debuginfo-23.2.7-6.el9_6.s390x.rpm	SHA-256: 59bd59c349ff9c1a9c6145f88174ecf3846dd0a355243f9b4d9f0c86cb045832
xorg-x11-server-Xwayland-debugsource-23.2.7-6.el9_6.s390x.rpm	SHA-256: d339a30fddaf6876415dc9f44516bc2cc8b66687d28b4857c7476eeddb89547e

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation