CVE-2026-50258
Stack-Based Buffer Overflow in X.Org X Server and Xwayland
Publication date: 2026-06-05
Last updated on: 2026-06-05
Assigner: Red Hat, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| the_x.org_foundation | xorg_x11_server | to 21.1.22 (inc) |
| the_x.org_foundation | xorg_x11_server_xwayland | to 24.1.9 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.
Can you explain this vulnerability to me?
CVE-2026-50258 is a stack-based buffer overflow vulnerability in the X.Org X server and Xwayland, specifically in the XKB key types component.
The issue occurs because the CheckKeyTypes() function does not properly validate or limit the number of shift levels a client can set for key types. This allows a client to assign excessive shift levels that exceed the size of the allocated stack buffers.
As a result, this can cause multiple stack overflows, potentially leading to crashes or privilege escalation if the X server is running with root privileges.
This vulnerability is a consequence of an incomplete fix for a previous vulnerability, CVE-2025-26597.
How can this vulnerability impact me? :
This vulnerability can be exploited by any X client connected to the X.Org X server or Xwayland.
The impacts include:
- Crashing the X server, leading to denial of service.
- Privilege escalation if the X server is running with root privileges, potentially allowing an attacker to execute code with elevated rights.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves identifying if your system is running affected versions of the Xorg X11 server or Xwayland.
- Check the installed version of xorg-x11-server: rpm -q xorg-x11-server
- Check the installed version of xorg-x11-server-Xwayland: rpm -q xorg-x11-server-Xwayland
If the versions are less than or equal to 21.1.22 for xorg-x11-server or less than or equal to 24.1.9 for xorg-x11-server-Xwayland, your system is vulnerable.
Additionally, monitoring for crashes or unusual behavior in the X server processes may indicate exploitation attempts.
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to update the affected packages to versions containing the upstream fixes.
- Upgrade xorg-x11-server to version 21.1.23 or later.
- Upgrade xorg-x11-server-Xwayland to version 24.1.12 or later.
If immediate updates are not possible, consider restricting access to the X server to trusted clients only, as the vulnerability can be exploited by any connected X client.
Also, running the X server with the least privileges possible can reduce the impact of a potential exploit.