[CLSA-2026:1782484404] xorg-x11-server-Xwayland: Fix of 8 CVEs
Type:
security
Severity:
Important
Release date:
2026-06-26 14:33:49 UTC
Description:
- CVE-2026-50256: increase XLFDMAXFONTNAMELEN and add bounds checks in doListFontsAndAliases/doListFontsWithInfo to prevent stack buffer overflow via long fonts.alias targets - CVE-2026-50257: fix use-after-free in miSyncDestroyFence by using safe list iteration and null-checking pTrigger before dereferencing - CVE-2026-50258: reject XkbSetMap key types with numLevels exceeding XkbMaxShiftLevel to prevent stack buffer overflow in XkbKeyTypesForCoreSymbols - CVE-2026-50259: clamp nMaps to XkbMaxLegalKeyCode+1 in CheckKeyTypes to prevent stack buffer overflow when XkbSetMapResizeTypes wraps - CVE-2026-50260: fix use-after-free in FreeCounter by using safe list iteration, advancing list head before callback, and NULL-ing out shared trigger pointers in FreeAwait - CVE-2026-50261: restart trigger list iteration in SyncChangeCounter after TriggerFired to avoid dereferencing freed sibling-trigger nodes - CVE-2026-50262: fix reversed length check in GLX ChangeDrawableAttributes by using REQUEST_FIXED_SIZE to prevent out-of-bounds read/write - CVE-2026-50263: re-fetch screen private after CheckScreenPrivate in CreateSaverWindow to avoid use-after-free on saver-window replacement
Updated packages:
  • xorg-x11-server-Xwayland-21.1.3-7.el9.tuxcare.els16.i686.rpm
    sha:1c37b2437dd130c757c165dd9feda3e1ad97cc319824cc412543503280351521
  • xorg-x11-server-Xwayland-21.1.3-7.el9.tuxcare.els16.x86_64.rpm
    sha:5329b668144e5244138399726eab68a0a8aba6c750e8cde7cd10c9409b484ec4
  • xorg-x11-server-Xwayland-devel-21.1.3-7.el9.tuxcare.els16.i686.rpm
    sha:e1deebbf3000b982c1a1bdb49245383cd519af101d10624929e5b79b45508fe2
  • xorg-x11-server-Xwayland-devel-21.1.3-7.el9.tuxcare.els16.x86_64.rpm
    sha:6dbda50086af1086683cdb31ecbb7562377f865c31d8916553675496e7c99287
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.