CVE-2026-34002
MEDIUMX.Org X Server Xwayland - XKB Modifier Map Out-of-Bounds Read
Title source: manualDescription
A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory boundaries. This can lead to the exposure of sensitive information or cause the server to crash, resulting in a denial of service.
References (26)
Core 26
Core References
Vendor Advisory vendor-advisory
x_refsource_redhat
RHSA-2026:23255
https://access.redhat.com/errata/RHSA-2026:23255
Vendor Advisory vendor-advisory
x_refsource_redhat
RHSA-2026:23496
https://access.redhat.com/errata/RHSA-2026:23496
Vendor Advisory vendor-advisory
x_refsource_redhat
RHSA-2026:20555
https://access.redhat.com/errata/RHSA-2026:20555
Vendor Advisory vendor-advisory
x_refsource_redhat
RHSA-2026:20557
https://access.redhat.com/errata/RHSA-2026:20557
Vendor Advisory vendor-advisory
x_refsource_redhat
RHSA-2026:20558
https://access.redhat.com/errata/RHSA-2026:20558
Vendor Advisory vendor-advisory
x_refsource_redhat
RHSA-2026:20560
https://access.redhat.com/errata/RHSA-2026:20560
Vendor Advisory vendor-advisory
x_refsource_redhat
RHSA-2026:20561
https://access.redhat.com/errata/RHSA-2026:20561
Vendor Advisory vendor-advisory
x_refsource_redhat
RHSA-2026:20562
https://access.redhat.com/errata/RHSA-2026:20562
Vendor Advisory vendor-advisory
x_refsource_redhat
RHSA-2026:20563
https://access.redhat.com/errata/RHSA-2026:20563
Vendor Advisory vendor-advisory
x_refsource_redhat
RHSA-2026:20575
https://access.redhat.com/errata/RHSA-2026:20575
Vendor Advisory vendor-advisory
x_refsource_redhat
RHSA-2026:20576
https://access.redhat.com/errata/RHSA-2026:20576
Vendor Advisory vendor-advisory
x_refsource_redhat
RHSA-2026:20590
https://access.redhat.com/errata/RHSA-2026:20590
Vendor Advisory vendor-advisory
x_refsource_redhat
RHSA-2026:21699
https://access.redhat.com/errata/RHSA-2026:21699
Vendor Advisory vendor-advisory
x_refsource_redhat
RHSA-2026:21712
https://access.redhat.com/errata/RHSA-2026:21712
Vendor Advisory vendor-advisory
x_refsource_redhat
RHSA-2026:21715
https://access.redhat.com/errata/RHSA-2026:21715
Vendor Advisory vendor-advisory
x_refsource_redhat
RHSA-2026:21716
https://access.redhat.com/errata/RHSA-2026:21716
Vendor Advisory vendor-advisory
x_refsource_redhat
RHSA-2026:21718
https://access.redhat.com/errata/RHSA-2026:21718
Vendor Advisory vendor-advisory
x_refsource_redhat
RHSA-2026:21741
https://access.redhat.com/errata/RHSA-2026:21741
Vendor Advisory vendor-advisory
x_refsource_redhat
RHSA-2026:22424
https://access.redhat.com/errata/RHSA-2026:22424
Vendor Advisory vendor-advisory
x_refsource_redhat
RHSA-2026:22456
https://access.redhat.com/errata/RHSA-2026:22456
Vendor Advisory vendor-advisory
x_refsource_redhat
RHSA-2026:23254
https://access.redhat.com/errata/RHSA-2026:23254
Vendor Advisory vendor-advisory
x_refsource_redhat
RHSA-2026:24341
https://access.redhat.com/errata/RHSA-2026:24341
Vdb Entry, X_Refsource_Redhat vdb-entry
x_refsource_redhat
https://access.redhat.com/security/cve/CVE-2026-34002
Issue Tracking, X_Refsource_Redhat issue-tracking
x_refsource_redhat
RHBZ#2451112
https://bugzilla.redhat.com/show_bug.cgi?id=2451112
Vendor Advisory vendor-advisory
x_refsource_redhat
RHSA-2026:20547
https://access.redhat.com/errata/RHSA-2026:20547
Vendor Advisory vendor-advisory
x_refsource_redhat
RHSA-2026:21742
https://access.redhat.com/errata/RHSA-2026:21742
Scores
CVSS v3
6.1
EPSS
0.0049
EPSS Percentile
38.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-805
Status
published
Products (45)
Red Hat/Red Hat Enterprise Linux 10
Red Hat/Red Hat Enterprise Linux 10.0 Extended Update Support
0:24.1.5-6.el10_0
Red Hat/Red Hat Enterprise Linux 6
Red Hat/Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION
0:1.1.0-25.el6_10.16
Red Hat/Red Hat Enterprise Linux 7
Red Hat/Red Hat Enterprise Linux 7 Extended Lifecycle Support
0:1.20.4-34.el7_9
Red Hat/Red Hat Enterprise Linux 7 Extended Lifecycle Support
0:1.8.0-36.el7_9.4
Red Hat/Red Hat Enterprise Linux 8
Red Hat/Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
0:1.11.0-8.el8_4.15
Red Hat/Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
0:1.20.10-4.el8_4
... and 35 more
Published
May 05, 2026
Tracked Since
May 05, 2026