PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-50259 Red Hat CVE debrief

CVE-2026-50259 is a HIGH severity vulnerability in X.Org X server and Xwayland. A stack-based buffer overflow flaw was found in _XkbSetMapChecks(), which declares a fixed-size stack buffer mapWidths[256] indexed by key type index. The helper function CheckKeyTypes() writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This may be used to crash the server, or for privilege escalation if the X server runs as root.

Vendor
Red Hat
Product
Red Hat Enterprise Linux 10
CVSS
HIGH 7.8
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-05
Original CVE updated
2026-06-08
Advisory published
2026-06-05
Advisory updated
2026-06-08

Who should care

Users of X.Org X server and Xwayland should be aware of this vulnerability, especially if the X server runs as root.

Technical summary

The vulnerability exists in the X.Org X server and Xwayland. The _XkbSetMapChecks() function declares a fixed-size stack buffer mapWidths[256] indexed by key type index. The CheckKeyTypes() helper function writes to this buffer at a client-controlled offset, allowing a stack buffer overflow.

Defensive priority

HIGH

Recommended defensive actions

  • Apply patches or updates provided by the vendor.
  • Restrict access to the X server.
  • Monitor for suspicious activity.

Evidence notes

The CVE-2026-50259 vulnerability was found in the X.Org X server and Xwayland. The vulnerability has a CVSS score of 7.8 and is classified as HIGH severity.

Official resources

CVE-2026-50259 was published on 2026-06-05T12:16:39.240Z and modified on 2026-06-08T18:28:43.927Z.