Executive Summary

CVE-2026-50262 is a vulnerability in the X.Org X server and Xwayland packages involving an out-of-bounds read and write flaw in the __glXDisp_ChangeDrawableAttributes() function.

The flaw is caused by incorrect size validation, which allows a client to control the number of bytes read or written beyond the intended request buffer.

While the read operation can lead to information disclosure, the write operation could potentially crash the server or enable privilege escalation if the server runs with root privileges. However, the write path requires byte-swapped clients, which are disabled by default, reducing the risk of exploitation.

Any X client that can connect to the server can trigger this vulnerability.

Useful 0 Not Useful 0

Compliance Impact

This vulnerability allows an out-of-bounds read that can lead to information disclosure by reading client-controlled bytes beyond the request buffer. Such unauthorized disclosure of information could potentially impact compliance with data protection regulations like GDPR and HIPAA, which require safeguarding sensitive data against unauthorized access.

However, the provided information does not specify exact impacts on compliance frameworks or whether the disclosed information includes personal or protected health information.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can impact you by allowing an attacker to read sensitive information from the server's memory due to the out-of-bounds read.

In some cases, if the write path is exploited (which requires byte-swapped clients and is disabled by default), it could crash the X server or even lead to privilege escalation if the server is running with root privileges.

Therefore, the main risks are information disclosure and potential denial of service or privilege escalation under specific conditions.

Useful 0 Not Useful 0

Detection Guidance

Detection of this vulnerability involves identifying if your system is running affected versions of the xorg-x11-server or xorg-x11-server-Xwayland packages. Specifically, versions up to 21.1.22 for xorg-x11-server and up to 24.1.9 for xorg-x11-server-Xwayland are vulnerable.

You can check the installed package versions using commands like:

• For RPM-based systems (e.g., Red Hat, CentOS, Fedora): rpm -q xorg-x11-server xorg-x11-server-Xwayland
• For Debian-based systems (e.g., Ubuntu): dpkg -l | grep xorg-x11-server

Additionally, monitoring for unusual crashes or information disclosure attempts related to the GLX ChangeDrawableAttributes function may indicate exploitation attempts, but no specific detection commands or signatures are provided.

Useful 0 Not Useful 0

Mitigation Strategies

The immediate mitigation step is to update the affected packages to fixed versions. Specifically, upgrade to xorg-server version 21.1.23 or later and xwayland version 24.1.12 or later.

Since the write path requires byte-swapped clients which are disabled by default, the primary risk is information disclosure via the out-of-bounds read. Limiting access to the X server to trusted clients can reduce exposure.

If patching is not immediately possible, consider restricting network or local access to the X server to prevent untrusted clients from connecting.

Useful 0 Not Useful 0