VYPR

rpm package

suse/xorg-x11-server&distro=SUSE Linux Enterprise Server 15 SP6-LTSS

pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSS

Vulnerabilities (5)

  • CVE-2026-34002MedMay 5, 2026
    affected < 21.1.11-150600.5.25.1fixed 21.1.11-150600.5.25.1

    A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its i

  • CVE-2026-34000MedMay 5, 2026
    affected < 21.1.11-150600.5.25.1fixed 21.1.11-150600.5.25.1

    A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the `CheckSetGeom()` and `XkbAddGeomKeyAlias` functions, allows an attacker to read uninitialized or out-of-bounds memory. An attacker with a connecti

  • CVE-2026-34003HigApr 23, 2026
    affected < 21.1.11-150600.5.25.1fixed 21.1.11-150600.5.25.1

    A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could send a specially crafted request to the X server, leading to an out-of-bounds memory access vulnerability. This could result in the disclosure of sensitive information or cause the s

  • CVE-2026-34001HigApr 23, 2026
    affected < 21.1.11-150600.5.25.1fixed 21.1.11-150600.5.25.1

    A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence() function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server cr

  • CVE-2026-33999HigApr 23, 2026
    affected < 21.1.11-150600.5.25.1fixed 21.1.11-150600.5.25.1

    A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially