[SECURITY] Fedora 43 Update: xorg-x11-server-Xwayland-24.1.12-1.fc43

Xwayland is an X server for running X clients under Wayland...

CVE-2026-50263 affecting package xorg-x11-server-Xwayland for versions less than 24.1.12-1

CVE-2026-50263 affecting package xorg-x11-server-Xwayland for versions less than 24.1.12-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-50257 affecting package xorg-x11-server-Xwayland for versions less than 24.1.12-1

CVE-2026-50257 affecting package xorg-x11-server-Xwayland for versions less than 24.1.12-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-50262 affecting package xorg-x11-server-Xwayland for versions less than 24.1.12-1

CVE-2026-50262 affecting package xorg-x11-server-Xwayland for versions less than 24.1.12-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-50256 affecting package xorg-x11-server-Xwayland for versions less than 24.1.12-1

CVE-2026-50256 affecting package xorg-x11-server-Xwayland for versions less than 24.1.12-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-50260 affecting package xorg-x11-server-Xwayland for versions less than 24.1.12-1

CVE-2026-50260 affecting package xorg-x11-server-Xwayland for versions less than 24.1.12-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-50261 affecting package xorg-x11-server-Xwayland for versions less than 24.1.12-1

CVE-2026-50261 affecting package xorg-x11-server-Xwayland for versions less than 24.1.12-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-50259 affecting package xorg-x11-server-Xwayland for versions less than 24.1.12-1

CVE-2026-50259 affecting package xorg-x11-server-Xwayland for versions less than 24.1.12-1. An upgraded version of the package is available that resolves this issue...

OESA-2026-2681 xorg-x11-server security update

X.Org X11 X server Security Fixes: 'Hi all,\n\nCVEs have been issued now, please see inline below\n\nOn Tue, Jun 02, 2026 at 10:01:46AM +1000, Peter Hutterer wrote:', "=======================================================================\nX.Org Security Advisory: June 2, 2026 \n\nIssues in X.Or...

Fedora 43 : xorg-x11-server-Xwayland (2026-557e726e74)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-557e726e74 advisory. Update to xwayland 24.1.12, Security fixes for: ZDI-CAN-30136, ZDI-CAN-30159, ZDI-CAN-30160, ZDI-CAN-30161, ZDI-CAN-30163, ZDI-CAN-30164, ZDI-CAN-30165,...

Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: stack buffer overflow in xkb key types due to unchecked shift levels

...

Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free in misyncdestroyfence()

...

Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free in freecounter()

...

Important: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

RHEL 8 : tigervnc (RHSA-2026:24341)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:24341 advisory. Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine...

Amazon Linux 2023 : xorg-x11-server-Xwayland, xorg-x11-server-Xwayland-devel (ALAS2023-2026-1789)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1789 advisory. A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer...

SUSE CVE-2026-50256

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias...

SUSE CVE-2026-50257

A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection...

SUSE CVE-2026-50258

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has multiple stack buffers sized XkbMaxShiftLevel XkbNumKbdGroups but CheckKeyTypes does not verify or clamp non-canonical key types to XkbMaxShiftLevel. A client can change key types to excessive shift...

SUSE CVE-2026-50259

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. XkbSetMapChecks declares a fixed-size stack buffer mapWidths256 indexed by key type index. The helper function CheckKeyTypes writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This...