7.8
CVE-2026-50257
- EPSS 0.14%
- Veröffentlicht 05.06.2026 10:31:22
- Zuletzt bearbeitet 09.07.2026 13:17:25
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free in misyncdestroyfence()
A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence(). A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection destroys the fence, causing the use-after-free. This may be used to crash the server, or for privilege escalation if the X server runs as root.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Enterprise Linux Version7.0
Redhat ≫ Enterprise Linux Version8.0
Redhat ≫ Enterprise Linux Version9.0
Redhat ≫ Enterprise Linux Version10.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.14% | 0.039 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secalert@redhat.com | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
https://bugzilla.redhat.com/show_bug.cgi?id=2485382
https://gitlab.freedesktop.org/xorg/xserver/-/commit/f5abfb61994471023d8c6470428c8e30c411cc0b
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-50257.json
https://access.redhat.com/errata/RHSA-2026:26562
https://access.redhat.com/errata/RHSA-2026:26566
https://access.redhat.com/errata/RHSA-2026:26590
https://access.redhat.com/errata/RHSA-2026:26610
https://access.redhat.com/errata/RHSA-2026:26709
https://access.redhat.com/errata/RHSA-2026:28923
https://access.redhat.com/errata/RHSA-2026:29844
https://access.redhat.com/errata/RHSA-2026:36083
https://access.redhat.com/errata/RHSA-2026:36085
https://access.redhat.com/errata/RHSA-2026:36086
https://access.redhat.com/errata/RHSA-2026:36087
https://lists.x.org/archives/xorg-announce/2026-June/003702.html
https://redhat.atlassian.net/browse/PSIRTSUPT-16950
https://access.redhat.com/security/cve/CVE-2026-50257
https://access.redhat.com/errata/RHSA-2026:36632
https://access.redhat.com/errata/RHSA-2026:36633
https://access.redhat.com/errata/RHSA-2026:36634
https://access.redhat.com/errata/RHSA-2026:36791
https://access.redhat.com/errata/RHSA-2026:36792
https://access.redhat.com/errata/RHSA-2026:36768
https://access.redhat.com/errata/RHSA-2026:36798