CVE-2026-34000

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

6.1 / 10

Vector String

                                        CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L                                    

Vulnerability Description

A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the `CheckSetGeom()` and `XkbAddGeomKeyAlias` functions, allows an attacker to read uninitialized or out-of-bounds memory. An attacker with a connection to the X11 server, either locally or remotely, can exploit this without user interaction. This could lead to the disclosure of memory contents or cause a denial of service by crashing the server.

Vulnerability Details

Published Date

May 05, 2026

Last Modified

May 07, 2026

CWE ID

CWE-125

Source

NVD

Vendor

Red Hat

Product

Red Hat Enterprise Linux 10, Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9

External References

https://access.redhat.com/security/cve/CVE-2026-34000
https://bugzilla.redhat.com/show_bug.cgi?id=2451107

CVE-2026-34000

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment