CVE-2026-50256
HIGH SEVERITYCVSS Score & Metrics
Base Score
7.8 / 10
Vector String
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Description
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias target name length is 1024 bytes. A font alias name between 257 and 1023 bytes causes the X server to copy that name into the undersized stack buffer without further checks. This may be used to crash the server, or for privilege escalation if the X server runs as root.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-121
Source
NVD
Vendor
Red Hat
Product
Red Hat Enterprise Linux 10, Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
External References
- https://access.redhat.com/security/cve/CVE-2026-50256
- https://bugzilla.redhat.com/show_bug.cgi?id=2485380
- https://gitlab.freedesktop.org/xorg/xserver/-/commit/bb5158f962dc935e58ef8b4b5fcb31be201a6e07
- https://lists.x.org/archives/xorg-announce/2026-June/003702.html
- https://redhat.atlassian.net/browse/PSIRTSUPT-16950
Discussion (0)
Add Comment
No comments yet. Be the first!