Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
X Window Server update fixes critical security flaws
SUSE-SU-2026:1335-1
Summary
This update fixes multiple security issues in the X Window Server that could allow an attacker to execute arbitrary code or crash the system. Affected users should update their X Window Server to the latest version to prevent potential security risks.
What to do
- Update xorg-x11-server to version 21.1.4-150500.7.46.1.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| SUSE:Linux Enterprise High Performance Computing 15 SP5-ESPOS | – | xorg-x11-server |
< 21.1.4-150500.7.46.1 Fix: upgrade to 21.1.4-150500.7.46.1
|
| SUSE:Linux Enterprise High Performance Computing 15 SP5-LTSS | – | xorg-x11-server |
< 21.1.4-150500.7.46.1 Fix: upgrade to 21.1.4-150500.7.46.1
|
| SUSE:Linux Enterprise Server 15 SP5-LTSS | – | xorg-x11-server |
< 21.1.4-150500.7.46.1 Fix: upgrade to 21.1.4-150500.7.46.1
|
| SUSE:Linux Enterprise Server for SAP Applications 15 SP5 | – | xorg-x11-server |
< 21.1.4-150500.7.46.1 Fix: upgrade to 21.1.4-150500.7.46.1
|
Original title
Security update for xorg-x11-server
Original description
This update for xorg-x11-server fixes the following issues:
- CVE-2026-33999: XKB Integer Underflow in XkbSetCompatMap() (bsc#1260922).
- CVE-2026-34000: XKB Out-of-bounds Read in CheckSetGeom() (bsc#1260923).
- CVE-2026-34001: XSYNC Use-after-free in miSyncTriggerFence() (bsc#1260924).
- CVE-2026-34002: XKB Out-of-bounds read in CheckModifierMap() (bsc#1260925).
- CVE-2026-34003: XKB Buffer overflow in CheckKeyTypes() (bsc#1260926).
- CVE-2026-33999: XKB Integer Underflow in XkbSetCompatMap() (bsc#1260922).
- CVE-2026-34000: XKB Out-of-bounds Read in CheckSetGeom() (bsc#1260923).
- CVE-2026-34001: XSYNC Use-after-free in miSyncTriggerFence() (bsc#1260924).
- CVE-2026-34002: XKB Out-of-bounds read in CheckModifierMap() (bsc#1260925).
- CVE-2026-34003: XKB Buffer overflow in CheckKeyTypes() (bsc#1260926).
- https://www.suse.com/support/update/announcement/2026/suse-su-20261335-1/ Vendor Advisory
- https://bugzilla.suse.com/1260922 Third Party Advisory
- https://bugzilla.suse.com/1260923 Third Party Advisory
- https://bugzilla.suse.com/1260924 Third Party Advisory
- https://bugzilla.suse.com/1260925 Third Party Advisory
- https://bugzilla.suse.com/1260926 Third Party Advisory
- https://www.suse.com/security/cve/CVE-2026-33999 URL
- https://www.suse.com/security/cve/CVE-2026-34000 URL
- https://www.suse.com/security/cve/CVE-2026-34001 URL
- https://www.suse.com/security/cve/CVE-2026-34002 URL
- https://www.suse.com/security/cve/CVE-2026-34003 URL
Published: 14 Apr 2026 · Updated: 16 Apr 2026 · First seen: 16 Apr 2026