CVE-2026-50259
Stack-Based Buffer Overflow in X.Org X Server and Xwayland
Publication date: 2026-06-05
Last updated on: 2026-06-05
Assigner: Red Hat, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| the_x.org_foundation | xorg_x11_server | to 21.1.22 (inc) |
| the_x.org_foundation | xorg_x11_server_xwayland | to 24.1.9 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-50259 is a stack-based buffer overflow vulnerability found in the X.Org X server and Xwayland. The issue occurs in the _XkbSetMapChecks() function, which declares a fixed-size stack buffer named mapWidths with 256 elements. This buffer is indexed by a key type index that is controlled by the client. The helper function CheckKeyTypes() writes data to this buffer at an offset determined by the client, which can lead to writing beyond the buffer's boundary, causing a stack buffer overflow.
This flaw allows an attacker who can connect as an X client to the server to exploit the overflow, potentially causing the server to crash or, if the X server is running with root privileges, to escalate their privileges.
How can this vulnerability impact me? :
This vulnerability can impact you by allowing an attacker with access to the X server as a client to cause a denial of service through server crashes or to gain elevated privileges if the server runs as root.
- Server crashes leading to denial of service.
- Privilege escalation if the X server runs with root privileges, potentially allowing an attacker to execute arbitrary code with elevated rights.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability affects the Xorg X11 server and Xwayland components, specifically versions up to and including 21.1.22 for xorg-x11-server and 24.1.9 for xorg-x11-server-Xwayland.
To detect if your system is vulnerable, you can check the installed versions of these packages.
- For RPM-based systems (e.g., Red Hat, CentOS, Fedora): rpm -q xorg-x11-server xorg-x11-server-Xwayland
- For Debian-based systems (e.g., Ubuntu): dpkg -l | grep xorg-server
If the installed versions are at or below the vulnerable versions, your system is susceptible to this stack buffer overflow.
Additionally, monitoring for crashes or abnormal behavior of the X server may indicate exploitation attempts.
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation step is to update the affected packages to versions where the vulnerability is fixed.
- Upgrade xorg-x11-server to version 21.1.23 or later.
- Upgrade xorg-x11-server-Xwayland to version 24.1.12 or later.
If immediate updates are not possible, consider restricting access to the X server to trusted clients only, as the vulnerability can be exploited by any connected X client.
Also, running the X server with the least privileges possible can reduce the impact of a potential exploit.