PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-34002 Red Hat CVE debrief

A medium-severity out-of-bounds read in the X.Org X server's XKB (X Keyboard Extension) modifier map handling lets a local user who can connect to the X server send malformed XKB requests that read past the end of a buffer, disclosing X server memory or crashing the server (denial of service). The CVE was published on 2026-05-05 and last modified on 2026-05-28. Red Hat has issued multiple security advisories for it across Red Hat Enterprise Linux 6 through 10. The CVSS 3.1 components given are local attack vector, low attack complexity, low privileges required, no user interaction, high confidentiality impact and low availability impact; those components reproduce the listed 6.1 base score only with unchanged scope and no integrity impact, which the page does not state explicitly because the full vector string is not reproduced here.

Vendor
Red Hat
Product
Red Hat Enterprise Linux 10.0 Extended Update Support
CVSS
MEDIUM 6.1
CISA KEV
Not listed in stored evidence
Original CVE published
2026-05-05
Original CVE updated
2026-05-28
Advisory published
2026-05-05
Advisory updated
2026-05-28

Who should care

Organizations running the X.Org X server on Red Hat Enterprise Linux 6, 7, 8, 9 or 10, and in particular multi-user hosts where accounts other than the display owner can reach the X server socket: shared workstations, terminal servers, and any system where X access control has been relaxed with xhost.

Technical summary

The flaw is in the XKB (X Keyboard Extension) modifier map handling code of the X.Org X server, classified as CWE-805 (buffer access with incorrect length value). A malformed XKB request makes the server read past the end of a buffer. The out-of-bounds bytes can reach the requesting client, disclosing X server memory, or the bad access can fault and crash the server, which takes down every client on that display. Exploitation needs only an account that can connect to the X server: per the CVSS 3.1 scoring, local attack vector, low attack complexity, low privileges required and no user interaction.

Defensive priority

medium

Recommended defensive actions

  • Apply relevant Red Hat security advisories (RHSA-2026:20547, RHSA-2026:20555, RHSA-2026:20557, RHSA-2026:20558, RHSA-2026:20560, RHSA-2026:20561, RHSA-2026:20562, RHSA-2026:20563, RHSA-2026:20575, RHSA-2026:20576, RHSA-6
  • Monitor Red Hat Bugzilla 2451112 for technical details
  • Where patching is delayed, restrict who can reach the X server: keep X access control enabled (no `xhost +` or `xhost +local:`; `xhost` with no arguments shows the current policy), leave TCP listening off (the RHEL default), and limit interactive logins on shared hosts
  • Watch for X server crashes rather than requests: the server does not log individual XKB requests, so there is no request-level signal to hunt for, but a crash triggered by the out-of-bounds read leaves a "(EE) Backtrace:" block and a "Caught signal" record in the Xorg log or the journal, and unexplained session terminations on multi-user hosts deserve a look
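The actions above can be scripted. The Python below is an added example, not code from PatchSiren or Red Hat. It assumes the affected package names xorg-x11-server-Xorg and xorg-x11-server-Xwayland (confirm them against the RHSA for your stream), and the changelog, xhost and Xorg-log excerpts it embeds are constructed samples, not real Red Hat output. It parses `rpm -q --changelog` output to see whether the installed build cites the CVE (the changelog describes the build that is installed, so a hit means the fix is present), flags a permissive xhost policy, and pulls fatal-signal records out of an Xorg log.

```python
"""Post-advisory checks for CVE-2026-34002 on a RHEL host.

Added example, not PatchSiren's or Red Hat's code.  Assumptions: the
package names in PACKAGES, and every sample string below, which is
constructed for the example rather than copied from real Red Hat
changelogs, xhost output or Xorg logs.
"""
import re
import shutil
import subprocess

CVE = "CVE-2026-34002"
# Assumed package names; confirm them against the RHSA for your stream.
PACKAGES = ["xorg-x11-server-Xorg", "xorg-x11-server-Xwayland"]

# `rpm -q --changelog` entry header: "* Tue May 05 2026 Name <mail> - V-R"
ENTRY_RE = re.compile(
    r"^\* (?P<date>\w{3} \w{3} +\d{1,2} \d{4}) (?P<who>.*?)(?: - (?P<vr>\S+))?$")
# Fatal-signal record Xorg writes after its "(EE) Backtrace:" block.
SIGNAL_RE = re.compile(r"\(EE\) Caught signal (\d+) \(([^)]+)\)")


def parse_changelog(text: str) -> list:
    """Split changelog output into entries (newest first), each with the
    date and version-release from the header plus its bullet lines."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line)
        if m:
            entries.append({"date": m["date"], "vr": m["vr"], "body": []})
        elif entries and line.strip():
            entries[-1]["body"].append(line.strip())
    return entries


def fix_entry(changelog: str, cve: str = CVE):
    """Entry that cites the CVE, or None.  The changelog describes the
    build that is installed, so a hit means the fix is present."""
    for entry in parse_changelog(changelog):
        if cve in " ".join(entry["body"]):
            return entry
    return None


def xhost_is_permissive(output: str) -> bool:
    """True when `xhost` reports access control disabled or a blanket
    LOCAL: grant; per-account SI:localuser:<name> entries are fine."""
    lines = [ln.strip() for ln in output.splitlines() if ln.strip()]
    if not lines:
        return False
    if lines[0].startswith("access control disabled"):
        return True
    return any(ln == "LOCAL:" for ln in lines[1:])


def server_crashes(log_text: str) -> list:
    """(signal, name) pairs for every fatal signal recorded in the log."""
    return [(int(n), name) for n, name in SIGNAL_RE.findall(log_text)]


def live_changelog(package: str):
    """Changelog of the installed package, or None if rpm/package absent."""
    if shutil.which("rpm") is None:
        return None
    r = subprocess.run(["rpm", "-q", "--changelog", package],
                       capture_output=True, text=True)
    return r.stdout if r.returncode == 0 else None


# Constructed samples (not real output); version numbers are invented.
SAMPLE_CHANGELOG = """\
* Tue May 05 2026 Example Maintainer <maint@example.com> - 1.20.11-28.el8_10
- Fix out-of-bounds read in XKB modifier map handling (CVE-2026-34002)

* Mon Jan 12 2026 Example Maintainer <maint@example.com> - 1.20.11-27.el8_10
- Rebuild
"""
SAMPLE_CHANGELOG_UNPATCHED = SAMPLE_CHANGELOG.split("\n\n", 1)[1]
SAMPLE_XHOST_TIGHT = ("access control enabled, only authorized clients can connect\n"
                      "SI:localuser:alice\n")
SAMPLE_XHOST_OPEN = ("access control enabled, only authorized clients can connect\n"
                     "LOCAL:\n")
SAMPLE_XORG_LOG = """\
[ 10523.114] (EE) Backtrace:
[ 10523.115] (EE) 0: /usr/libexec/Xorg (OsLookupColor+0x13c) [0x55d1a1b2c0cc]
[ 10523.115] (EE) Segmentation fault at address 0x7f2c3e9c0000
Fatal server error:
[ 10523.115] (EE) Caught signal 11 (Segmentation fault). Server aborting
"""

if __name__ == "__main__":
    print("sample fix entry:", fix_entry(SAMPLE_CHANGELOG))
    print("sample xhost permissive:", xhost_is_permissive(SAMPLE_XHOST_OPEN))
    print("sample crashes:", server_crashes(SAMPLE_XORG_LOG))
    for pkg in PACKAGES:  # live checks, only where rpm exists
        text = live_changelog(pkg)
        if text is not None:
            hit = fix_entry(text)
            print(pkg, "fixed in", hit["vr"] if hit else "NOT fixed")
```

On a real host the live loop at the bottom queries the installed packages; the sample strings exist so the parsers can be exercised anywhere. The xhost check deliberately accepts SI:localuser entries, which name one account, and rejects only the grants that open the server to every local process.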

Evidence notes

Vulnerability description sourced from NVD record. Vendor attribution to Red Hat based on CPE criteria and security advisories. Multiple RHSA errata issued between 2026:20547 and 2026:21742. CWE-805 (Buffer Access with Incorrect Length Value) identified as weakness type.

Official resources

2026-05-05