CVE-2026-50256
Published:June 05, 2026
Updated:June 07, 2026
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias target name length is 1024 bytes. A font alias name between 257 and 1023 bytes causes the X server to copy that name into the undersized stack buffer without further checks. This may be used to crash the server, or for privilege escalation if the X server runs as root.
Affected Packages
https://gitlab.freedesktop.org/xorg/xserver.git (SCM_GIT):
Affected version(s) >=add-Xi <xwayland-24.1.12Fix Suggestion:
Update to version xwayland-24.1.12https://gitlab.freedesktop.org/xorg/xserver.git (SCM_GIT):
Affected version(s) >=add-Xi <xorg-server-21.1.23Fix Suggestion:
Update to version xorg-server-21.1.23Related Resources (5)
Do you need more information?
Contact UsCVSS v4
Base Score:
8.5
Attack Vector
LOCAL
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
LOW
User Interaction
NONE
Vulnerable System Confidentiality
HIGH
Vulnerable System Integrity
HIGH
Vulnerable System Availability
HIGH
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH
Weakness Type (CWE)
Stack-based Buffer Overflow
EPSS
Base Score:
0.01