A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory boundaries. This can lead to the exposure of sensitive information or cause the server to crash, resulting in a denial of service.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.


Workaround

To mitigate this vulnerability, restrict access to the X11 server. If the X.Org X server is not required on a system, consider disabling or uninstalling it. For systems where the X server is necessary, ensure that access is limited to trusted users and networks. This can involve configuring `xhost` or implementing firewall rules to restrict connections to the X server. Any changes to X server configuration or service status may require a restart of the X server for the mitigation to take effect, which will impact active graphical sessions.

History

Thu, 28 May 2026 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel Eus Long Life
CPEs cpe:/a:redhat:rhel_aus:8.4::appstream
cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Vendors & Products Redhat rhel Eus Long Life
References

Thu, 28 May 2026 11:30:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel Aus
Redhat rhel Tus
CPEs cpe:/a:redhat:rhel_aus:8.6::appstream
cpe:/a:redhat:rhel_e4s:8.6::appstream
cpe:/a:redhat:rhel_e4s:8.8::appstream
cpe:/a:redhat:rhel_tus:8.6::appstream
cpe:/a:redhat:rhel_tus:8.8::appstream
Vendors & Products Redhat rhel Aus
Redhat rhel Tus
References

Thu, 28 May 2026 08:45:00 +0000

Type Values Removed Values Added
References

Tue, 26 May 2026 10:15:00 +0000


Tue, 26 May 2026 06:30:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:rhel_eus:9.4::crb
References

Tue, 26 May 2026 05:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat enterprise Linux Eus
Redhat rhel Els
CPEs cpe:/a:redhat:rhel_eus:9.6::appstream
cpe:/a:redhat:rhel_eus:9.6::crb
cpe:/o:redhat:enterprise_linux_eus:10.0
cpe:/o:redhat:rhel_els:7
Vendors & Products Redhat enterprise Linux Eus
Redhat rhel Els
References

Tue, 26 May 2026 03:30:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel Eus
CPEs cpe:/a:redhat:rhel_eus:9.4::appstream
Vendors & Products Redhat rhel Eus
References

Tue, 26 May 2026 02:15:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel E4s
CPEs cpe:/a:redhat:rhel_e4s:9.0::appstream
Vendors & Products Redhat rhel E4s
References

Thu, 07 May 2026 14:45:00 +0000

Type Values Removed Values Added
First Time appeared X.org
X.org x Server
CPEs cpe:2.3:a:x.org:x_server:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
Vendors & Products X.org
X.org x Server

Wed, 06 May 2026 15:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 06 May 2026 00:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

threat_severity

Moderate


Tue, 05 May 2026 16:15:00 +0000

Type Values Removed Values Added
Description A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory boundaries. This can lead to the exposure of sensitive information or cause the server to crash, resulting in a denial of service.
Title Xorg: xwayland: x.org x server: information disclosure or denial of service via out-of-bounds read in xkb modifier map handling
First Time appeared Redhat
Redhat enterprise Linux
Weaknesses CWE-805
CPEs cpe:/o:redhat:enterprise_linux:10
cpe:/o:redhat:enterprise_linux:6
cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:8
cpe:/o:redhat:enterprise_linux:9
Vendors & Products Redhat
Redhat enterprise Linux
References
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L'}



MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-05-28T17:07:06.887Z

Reserved: 2026-03-25T04:53:13.615Z

Link: CVE-2026-34002

Vulnrichment

Updated: 2026-05-06T14:27:32.419Z

NVD

Status: Modified

Published: 2026-05-05T16:16:11.787

Modified: 2026-05-28T18:16:31.017

Link: CVE-2026-34002

Redhat

Severity: Moderate

Public Date: 2026-05-05T14:01:46Z

Links: CVE-2026-34002 - Bugzilla

OpenCVE Enrichment

Updated: 2026-05-06T09:21:37Z

Weaknesses