Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Xorg Server Update Fixes Multiple Security Risks
SUSE-SU-2026:1330-1
Summary
This update fixes multiple security issues in the Xorg server that could allow an attacker to execute malicious code or access sensitive data. Affected users should update their Xorg server to the latest version to prevent potential security risks. If you use the Xorg server, it's recommended to install this update as soon as possible.
What to do
- Update xorg-x11-server to version 21.1.15-150700.5.16.1.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| SUSE:Linux Enterprise Module for Basesystem 15 SP7 | – | xorg-x11-server |
< 21.1.15-150700.5.16.1 Fix: upgrade to 21.1.15-150700.5.16.1
|
| SUSE:Linux Enterprise Module for Development Tools 15 SP7 | – | xorg-x11-server |
< 21.1.15-150700.5.16.1 Fix: upgrade to 21.1.15-150700.5.16.1
|
Original title
Security update for xorg-x11-server
Original description
This update for xorg-x11-server fixes the following issues:
- CVE-2026-33999: XKB Integer Underflow in XkbSetCompatMap() (bsc#1260922).
- CVE-2026-34000: XKB Out-of-bounds Read in CheckSetGeom() (bsc#1260923).
- CVE-2026-34001: XSYNC Use-after-free in miSyncTriggerFence() (bsc#1260924).
- CVE-2026-34002: XKB Out-of-bounds read in CheckModifierMap() (bsc#1260925).
- CVE-2026-34003: XKB Buffer overflow in CheckKeyTypes() (bsc#1260926).
- CVE-2026-33999: XKB Integer Underflow in XkbSetCompatMap() (bsc#1260922).
- CVE-2026-34000: XKB Out-of-bounds Read in CheckSetGeom() (bsc#1260923).
- CVE-2026-34001: XSYNC Use-after-free in miSyncTriggerFence() (bsc#1260924).
- CVE-2026-34002: XKB Out-of-bounds read in CheckModifierMap() (bsc#1260925).
- CVE-2026-34003: XKB Buffer overflow in CheckKeyTypes() (bsc#1260926).
- https://www.suse.com/security/cve/CVE-2026-34001 URL
- https://www.suse.com/support/update/announcement/2026/suse-su-20261330-1/ Vendor Advisory
- https://bugzilla.suse.com/1260922 Third Party Advisory
- https://bugzilla.suse.com/1260923 Third Party Advisory
- https://bugzilla.suse.com/1260924 Third Party Advisory
- https://bugzilla.suse.com/1260925 Third Party Advisory
- https://bugzilla.suse.com/1260926 Third Party Advisory
- https://www.suse.com/security/cve/CVE-2026-33999 URL
- https://www.suse.com/security/cve/CVE-2026-34000 URL
- https://www.suse.com/security/cve/CVE-2026-34002 URL
- https://www.suse.com/security/cve/CVE-2026-34003 URL
Published: 14 Apr 2026 · Updated: 16 Apr 2026 · First seen: 16 Apr 2026