[CLSA-2026:1784071570] xorg-x11-server: Fix of 3 CVEs
Type:
security
Severity:
Important
Release date:
2026-07-14 23:26:24 UTC
Description:
- CVE-2026-33999: fix integer underflow / buffer re-use in _XkbSetCompatMap() leading to out-of-bounds read (ZDI-CAN-28593) - CVE-2026-34001: fix use-after-free in miSyncTriggerFence() leading to server crash and potential memory corruption - CVE-2026-34003: add bounds checking in CheckKeyTypes() to prevent out-of-bounds read (ZDI-CAN-28736)
Updated packages:
  • xorg-x11-server-Xdmx-1.20.4-99.el7_9.tuxcare.els9.x86_64.rpm
    sha:a8ffd298c1a1169283293640d5072d22b57d9d3c0986a5711cc79d158032f9ce
  • xorg-x11-server-Xephyr-1.20.4-99.el7_9.tuxcare.els9.x86_64.rpm
    sha:5bbc2c96720e3378b1e188755ed1ad824c74447db67f4d673f2a45a614229a61
  • xorg-x11-server-Xnest-1.20.4-99.el7_9.tuxcare.els9.x86_64.rpm
    sha:53896e7538f7fa5f64e2641d9277acf6f06e93fe836892e7376fbe6eff686436
  • xorg-x11-server-Xorg-1.20.4-99.el7_9.tuxcare.els9.x86_64.rpm
    sha:8d40c6b845ee59df36801cd70bc0e667660d7fbd85137157f413aa1d321e56b9
  • xorg-x11-server-Xvfb-1.20.4-99.el7_9.tuxcare.els9.x86_64.rpm
    sha:6b9f1ad4ebf676cdac46fdafe97098ff8a6017175eb18672bff5bc6ca81ab35d
  • xorg-x11-server-Xwayland-1.20.4-99.el7_9.tuxcare.els9.x86_64.rpm
    sha:34c9ed6839cf406690e1981ae0d2066e6735951f3c37b16c377e24c1275127ce
  • xorg-x11-server-common-1.20.4-99.el7_9.tuxcare.els9.x86_64.rpm
    sha:3c7adda95b9212f74fd474f1de4941d78a5650b8f4edacc6311fbb9346936026
  • xorg-x11-server-devel-1.20.4-99.el7_9.tuxcare.els9.i686.rpm
    sha:ffa6d678d6e481ae1ae9234fb72ad1642cd298dd1f3ea82013c12800610d97bb
  • xorg-x11-server-devel-1.20.4-99.el7_9.tuxcare.els9.x86_64.rpm
    sha:b5895d3366e3b6684f620a5d2bacb28f52a6f7c094a0efd9357913946675574f
  • xorg-x11-server-source-1.20.4-99.el7_9.tuxcare.els9.noarch.rpm
    sha:2bf12b066cafd71d86a81455046bdea08f281e08dc106b66177e22ec33de1a19
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.