Synopsis
Important: xorg-x11-server-Xwayland security update
Type/Severity
Security Advisory: Important
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Xwayland is an X server for running X clients under Wayland.
Security Fix(es):
- xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch (CVE-2026-50256)
- xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence() (CVE-2026-50257)
- xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB key types due to unchecked shift levels (CVE-2026-50258)
- xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing (CVE-2026-50259)
- xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter() (CVE-2026-50260)
- xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter() (CVE-2026-50261)
- xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds read/write in GLX ChangeDrawableAttributes (CVE-2026-50262)
- xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free information disclosure in CreateSaverWindow() (CVE-2026-50263)
- xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds heap write in DRI2 DRIGetBuffers/DRIGetBuffersWithFormat (CVE-2026-50264)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64
-
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x
-
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64
-
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.0 x86_64
-
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.0 ppc64le
-
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.0 s390x
-
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.0 aarch64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 aarch64
-
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 s390x
-
Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 ppc64le
-
Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 x86_64
Fixes
-
BZ - 2485380
- CVE-2026-50256 xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch
-
BZ - 2485382
- CVE-2026-50257 xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence()
-
BZ - 2485383
- CVE-2026-50258 xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB key types due to unchecked shift levels
-
BZ - 2485384
- CVE-2026-50259 xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing
-
BZ - 2485385
- CVE-2026-50260 xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter()
-
BZ - 2485386
- CVE-2026-50261 xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter()
-
BZ - 2485387
- CVE-2026-50262 xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds read/write in GLX ChangeDrawableAttributes
-
BZ - 2485388
- CVE-2026-50263 xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free information disclosure in CreateSaverWindow()
-
BZ - 2485389
- CVE-2026-50264 xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds heap write in DRI2 DRIGetBuffers/DRIGetBuffersWithFormat
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0
| SRPM |
|
xorg-x11-server-Xwayland-24.1.5-6.el10_0.1.src.rpm
|
SHA-256: 165c8e612affb9e55328afff057441a95b7647c2fcedcb6b1ff03136c34abec2 |
| x86_64 |
|
xorg-x11-server-Xwayland-24.1.5-6.el10_0.1.x86_64.rpm
|
SHA-256: d93f9a43c1c6f5a0f790c500da73b51f0150c21aefe008a06839c47a6dcaf7c2 |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-6.el10_0.1.x86_64.rpm
|
SHA-256: a6b6b03d2b413e23221c5646565751719b489dfdafb75fe67b7a9b1e083124ee |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-6.el10_0.1.x86_64.rpm
|
SHA-256: c98001064ccaf40c3970a3204fc3bc912754b660626e43c420e4c98b794bcbe5 |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0
| SRPM |
|
xorg-x11-server-Xwayland-24.1.5-6.el10_0.1.src.rpm
|
SHA-256: 165c8e612affb9e55328afff057441a95b7647c2fcedcb6b1ff03136c34abec2 |
| s390x |
|
xorg-x11-server-Xwayland-24.1.5-6.el10_0.1.s390x.rpm
|
SHA-256: 3b3ba1342057af6d58f5258e68bdba7b6727045a9bb615ebf43aa4e5e0ead52e |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-6.el10_0.1.s390x.rpm
|
SHA-256: 2e142f1be1464bb478d1d8655b9a220932ef7d7ac6425869ab8e509bb7422359 |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-6.el10_0.1.s390x.rpm
|
SHA-256: 3a03c9d385cf0c1b4ce8186516651d34dc86bc4c3335d9ad572c969710520b33 |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0
| SRPM |
|
xorg-x11-server-Xwayland-24.1.5-6.el10_0.1.src.rpm
|
SHA-256: 165c8e612affb9e55328afff057441a95b7647c2fcedcb6b1ff03136c34abec2 |
| ppc64le |
|
xorg-x11-server-Xwayland-24.1.5-6.el10_0.1.ppc64le.rpm
|
SHA-256: 30b1d45eff7a9424019dd7543c95b19c5a678015220ac3cfc5977529561e7053 |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-6.el10_0.1.ppc64le.rpm
|
SHA-256: a9fd2698e88045b9e85771db4a376d2f8f8fe28002e28e857d38d735bfd2f7c5 |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-6.el10_0.1.ppc64le.rpm
|
SHA-256: b4011e4a643932bfd9f608c7a33a2d702f1f32c02b14c0b6d4ef3f29d6563224 |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0
| SRPM |
|
xorg-x11-server-Xwayland-24.1.5-6.el10_0.1.src.rpm
|
SHA-256: 165c8e612affb9e55328afff057441a95b7647c2fcedcb6b1ff03136c34abec2 |
| aarch64 |
|
xorg-x11-server-Xwayland-24.1.5-6.el10_0.1.aarch64.rpm
|
SHA-256: 5615102fbaab5bc30b233d7e1015f98c42f6d98e56aa96fa9fe2449c7f0e4ab8 |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-6.el10_0.1.aarch64.rpm
|
SHA-256: d41b9f770c564ef7fd105f89354977c2ea446512da49fe60f17bf5c360d82cba |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-6.el10_0.1.aarch64.rpm
|
SHA-256: 982d745e91cb90cb7431fe9ccca9f29e54df09be3d768d93d0984979dd287314 |
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.0
| SRPM |
| x86_64 |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-6.el10_0.1.x86_64.rpm
|
SHA-256: a6b6b03d2b413e23221c5646565751719b489dfdafb75fe67b7a9b1e083124ee |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-6.el10_0.1.x86_64.rpm
|
SHA-256: c98001064ccaf40c3970a3204fc3bc912754b660626e43c420e4c98b794bcbe5 |
|
xorg-x11-server-Xwayland-devel-24.1.5-6.el10_0.1.x86_64.rpm
|
SHA-256: 11f31acf75650b1b65aaa81e1966c807d2320cc48fe6faa6d70a16bbd793055e |
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.0
| SRPM |
| ppc64le |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-6.el10_0.1.ppc64le.rpm
|
SHA-256: a9fd2698e88045b9e85771db4a376d2f8f8fe28002e28e857d38d735bfd2f7c5 |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-6.el10_0.1.ppc64le.rpm
|
SHA-256: b4011e4a643932bfd9f608c7a33a2d702f1f32c02b14c0b6d4ef3f29d6563224 |
|
xorg-x11-server-Xwayland-devel-24.1.5-6.el10_0.1.ppc64le.rpm
|
SHA-256: a0613491aaacc486f8b3a40390482a0c373f5458a69ed2ae704e31fc5813573a |
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.0
| SRPM |
| s390x |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-6.el10_0.1.s390x.rpm
|
SHA-256: 2e142f1be1464bb478d1d8655b9a220932ef7d7ac6425869ab8e509bb7422359 |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-6.el10_0.1.s390x.rpm
|
SHA-256: 3a03c9d385cf0c1b4ce8186516651d34dc86bc4c3335d9ad572c969710520b33 |
|
xorg-x11-server-Xwayland-devel-24.1.5-6.el10_0.1.s390x.rpm
|
SHA-256: 3b1cd0d709ffb5964fc9a0d727b94bd52f03d45321238e3fe8434d040d9b777c |
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.0
| SRPM |
| aarch64 |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-6.el10_0.1.aarch64.rpm
|
SHA-256: d41b9f770c564ef7fd105f89354977c2ea446512da49fe60f17bf5c360d82cba |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-6.el10_0.1.aarch64.rpm
|
SHA-256: 982d745e91cb90cb7431fe9ccca9f29e54df09be3d768d93d0984979dd287314 |
|
xorg-x11-server-Xwayland-devel-24.1.5-6.el10_0.1.aarch64.rpm
|
SHA-256: f95e67293b2c3326eefbdaa9c907c518e9ec681cb996888d67c2f656563e18e4 |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0
| SRPM |
|
xorg-x11-server-Xwayland-24.1.5-6.el10_0.1.src.rpm
|
SHA-256: 165c8e612affb9e55328afff057441a95b7647c2fcedcb6b1ff03136c34abec2 |
| aarch64 |
|
xorg-x11-server-Xwayland-24.1.5-6.el10_0.1.aarch64.rpm
|
SHA-256: 5615102fbaab5bc30b233d7e1015f98c42f6d98e56aa96fa9fe2449c7f0e4ab8 |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-6.el10_0.1.aarch64.rpm
|
SHA-256: d41b9f770c564ef7fd105f89354977c2ea446512da49fe60f17bf5c360d82cba |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-6.el10_0.1.aarch64.rpm
|
SHA-256: 982d745e91cb90cb7431fe9ccca9f29e54df09be3d768d93d0984979dd287314 |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0
| SRPM |
|
xorg-x11-server-Xwayland-24.1.5-6.el10_0.1.src.rpm
|
SHA-256: 165c8e612affb9e55328afff057441a95b7647c2fcedcb6b1ff03136c34abec2 |
| s390x |
|
xorg-x11-server-Xwayland-24.1.5-6.el10_0.1.s390x.rpm
|
SHA-256: 3b3ba1342057af6d58f5258e68bdba7b6727045a9bb615ebf43aa4e5e0ead52e |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-6.el10_0.1.s390x.rpm
|
SHA-256: 2e142f1be1464bb478d1d8655b9a220932ef7d7ac6425869ab8e509bb7422359 |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-6.el10_0.1.s390x.rpm
|
SHA-256: 3a03c9d385cf0c1b4ce8186516651d34dc86bc4c3335d9ad572c969710520b33 |
Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0
| SRPM |
|
xorg-x11-server-Xwayland-24.1.5-6.el10_0.1.src.rpm
|
SHA-256: 165c8e612affb9e55328afff057441a95b7647c2fcedcb6b1ff03136c34abec2 |
| ppc64le |
|
xorg-x11-server-Xwayland-24.1.5-6.el10_0.1.ppc64le.rpm
|
SHA-256: 30b1d45eff7a9424019dd7543c95b19c5a678015220ac3cfc5977529561e7053 |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-6.el10_0.1.ppc64le.rpm
|
SHA-256: a9fd2698e88045b9e85771db4a376d2f8f8fe28002e28e857d38d735bfd2f7c5 |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-6.el10_0.1.ppc64le.rpm
|
SHA-256: b4011e4a643932bfd9f608c7a33a2d702f1f32c02b14c0b6d4ef3f29d6563224 |
Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0
| SRPM |
|
xorg-x11-server-Xwayland-24.1.5-6.el10_0.1.src.rpm
|
SHA-256: 165c8e612affb9e55328afff057441a95b7647c2fcedcb6b1ff03136c34abec2 |
| x86_64 |
|
xorg-x11-server-Xwayland-24.1.5-6.el10_0.1.x86_64.rpm
|
SHA-256: d93f9a43c1c6f5a0f790c500da73b51f0150c21aefe008a06839c47a6dcaf7c2 |
|
xorg-x11-server-Xwayland-debuginfo-24.1.5-6.el10_0.1.x86_64.rpm
|
SHA-256: a6b6b03d2b413e23221c5646565751719b489dfdafb75fe67b7a9b1e083124ee |
|
xorg-x11-server-Xwayland-debugsource-24.1.5-6.el10_0.1.x86_64.rpm
|
SHA-256: c98001064ccaf40c3970a3204fc3bc912754b660626e43c420e4c98b794bcbe5 |