CVE-2026-50263
Use-After-Free in X.Org X Server and Xwayland

Publication date: 2026-06-05

Last updated on: 2026-06-05

Assigner: Red Hat, Inc.

Description
A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow(). A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure.
Meta Information
Generated: 2026-06-05
AI Q&A: 2026-06-05
EPSS Evaluated: N/A
Affected Vendors & Products (2 associated CPEs)
Vendor   Product      Version / Range
x.org    x11_server   up to and including 21.1.22
x.org    xwayland     up to and including 24.1.9
CWE
CWE-416: The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a use-after-free flaw found in the X.Org X server and Xwayland, specifically in the CreateSaverWindow() function.

A client connected to the X server can trigger this flaw by changing window attributes and forcing the screen saver, which causes the program to read memory that has already been freed.

This results in information disclosure, meaning sensitive data could be exposed unintentionally.


How can this vulnerability impact me?

The vulnerability allows an attacker with local access and low privileges to cause the X server to read freed memory, potentially exposing sensitive information.

Since the flaw leads to information disclosure, it could compromise confidentiality of data handled by the X server.

However, it does not impact integrity or availability, as it does not allow modification or denial of service.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability affects specific versions of the xorg-x11-server and xorg-x11-server-Xwayland components. Detection involves identifying if these vulnerable versions are installed on your system.

  • Check the installed version of xorg-x11-server with a command like: rpm -q xorg-x11-server
  • Check the installed version of xorg-x11-server-Xwayland with a command like: rpm -q xorg-x11-server-Xwayland

If the versions are less than or equal to 21.1.22 for xorg-x11-server or less than or equal to 24.1.9 for xorg-x11-server-Xwayland, the system is vulnerable.
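As an added example (not part of this advisory), the following bash check applies the two version ceilings above to rpm output; the sample rpm lines are constructed, and mapping the ceilings onto the rpm %{VERSION} field is an assumption, since distribution builds may backport the fix without changing the upstream version, so the result should be confirmed against the distribution's own advisory.

```bash
#!/usr/bin/env bash
# Added example: compare installed package versions against the advisory's
# upstream ceilings (21.1.22 for xorg-x11-server, 24.1.9 for Xwayland).
# Assumption: the rpm %{VERSION} field equals the upstream X.Org version.

# version_le A B: true when A <= B in natural version order (GNU sort -V).
version_le() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n1)" = "$1" ]
}

# is_vulnerable PACKAGE VERSION: prints "vulnerable", "not affected", or
# "unknown" for a package the advisory does not list.
is_vulnerable() {
    local pkg="$1" ver="$2" ceiling
    case "$pkg" in
        xorg-x11-server)          ceiling="21.1.22" ;;
        xorg-x11-server-Xwayland) ceiling="24.1.9" ;;
        *) echo "unknown"; return 2 ;;
    esac
    if version_le "$ver" "$ceiling"; then
        echo "vulnerable"; return 0
    fi
    echo "not affected"; return 1
}

# check_rpm_output: read "NAME VERSION-RELEASE" lines on stdin, as printed by
# rpm -q --qf '%{NAME} %{VERSION}-%{RELEASE}\n' <packages>, and report each.
check_rpm_output() {
    local name vr ver
    while read -r name vr; do
        [ -n "$name" ] || continue
        ver="${vr%%-*}"   # strip the distribution release suffix
        printf '%s %s: %s\n' "$name" "$vr" "$(is_vulnerable "$name" "$ver")"
    done
}

# Constructed sample output (not from a real host). On a real system pipe in:
# rpm -q --qf '%{NAME} %{VERSION}-%{RELEASE}\n' xorg-x11-server xorg-x11-server-Xwayland
SAMPLE_RPM_OUTPUT='xorg-x11-server 21.1.22-3.el9
xorg-x11-server-Xwayland 24.1.12-1.fc41'

if [ "${BASH_SOURCE[0]}" = "$0" ]; then
    printf '%s\n' "$SAMPLE_RPM_OUTPUT" | check_rpm_output
fi
```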


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, update the affected components to the fixed versions or later.

  • Upgrade xorg-x11-server to version 21.1.23 or later.
  • Upgrade xorg-x11-server-Xwayland to version 24.1.12 or later.

These updates fix the use-after-free flaw in the CreateSaverWindow() function that leads to information disclosure.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

This vulnerability leads to information disclosure due to a use-after-free flaw in the X.Org X server and Xwayland. Information disclosure vulnerabilities can potentially impact compliance with data protection regulations such as GDPR and HIPAA, which require the protection of sensitive and personal data from unauthorized access.

Since the vulnerability allows a client connected to the X server to read freed memory, it could expose sensitive information, thereby increasing the risk of non-compliance with standards that mandate confidentiality and data protection.

