Description
There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:
- A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of service (DoS) or other severe impacts. (CVE-2026-33999)
- A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the `CheckSetGeom()` and `XkbAddGeomKeyAlias()` functions, allows an attacker to read uninitialized or out-of-bounds memory. An attacker with a connection to the X11 server, either locally or remotely, can exploit this without user interaction. This could lead to the disclosure of memory contents or cause a denial of service by crashing the server. (CVE-2026-34000)
- A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the `miSyncTriggerFence()` function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server crash and potentially enabling memory corruption. This could result in a denial of service or further compromise of the system. (CVE-2026-34001)
- A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory boundaries. This can lead to the exposure of sensitive information or cause the server to crash, resulting in a denial of service. (CVE-2026-34002)
- A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could send a specially crafted request to the X server, leading to an out-of-bounds memory access vulnerability. This could result in the disclosure of sensitive information or cause the server to crash, leading to a Denial of Service (DoS). In certain configurations, higher impact outcomes may be possible. (CVE-2026-34003)
Solution
Update the xwayland library and its related packages to version 24.1.10-r0 or later.
Plugin Details
Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security
Risk Information
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:C
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
Exploit Ease: No known exploits are available