PT-2026-56334 · X.Org Foundation · Xorg-Server+1
Published
2026-07-08
·
Updated
2026-07-08
·
CVE-2026-55999
CVSS v3.1
8.5
High
| Vector | AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
xorg-server versions prior to 21.2.24
xwayland versions prior to 24.1.13
Description
Local attackers with an X connection can cause a heap buffer overflow by providing PCX fonts to the X server. This occurs due to missing glyph boundary checks within the
SetFont() function. A heap buffer overflow is a memory corruption issue where a program writes more data to a heap-allocated buffer than it can hold, potentially leading to crashes or arbitrary code execution.Recommendations
Update xorg-server to version 21.2.24 or later.
Update xwayland to version 24.1.13 or later.
Fix
Heap Based Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Xorg-Server
Xwayland