7.8
CVE-2026-50260
- EPSS 0.15%
- Veröffentlicht 05.06.2026 10:36:30
- Zuletzt bearbeitet 09.07.2026 13:17:26
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free in freecounter()
A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter(). A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for privilege escalation if the X server runs as root.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Enterprise Linux Version7.0
Redhat ≫ Enterprise Linux Version8.0
Redhat ≫ Enterprise Linux Version9.0
Redhat ≫ Enterprise Linux Version10.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.15% | 0.049 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secalert@redhat.com | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
https://gitlab.freedesktop.org/xorg/xserver/-/commit/f5abfb61994471023d8c6470428c8e30c411cc0b
https://bugzilla.redhat.com/show_bug.cgi?id=2485385
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-50260.json
https://access.redhat.com/errata/RHSA-2026:26562
https://access.redhat.com/errata/RHSA-2026:26566
https://access.redhat.com/errata/RHSA-2026:26590
https://access.redhat.com/errata/RHSA-2026:26610
https://access.redhat.com/errata/RHSA-2026:26709
https://access.redhat.com/errata/RHSA-2026:28923
https://access.redhat.com/errata/RHSA-2026:29844
https://access.redhat.com/errata/RHSA-2026:36083
https://access.redhat.com/errata/RHSA-2026:36085
https://access.redhat.com/errata/RHSA-2026:36086
https://access.redhat.com/errata/RHSA-2026:36087
https://lists.x.org/archives/xorg-announce/2026-June/003702.html
https://redhat.atlassian.net/browse/PSIRTSUPT-16950
https://access.redhat.com/security/cve/CVE-2026-50260
https://access.redhat.com/errata/RHSA-2026:36632
https://access.redhat.com/errata/RHSA-2026:36633
https://access.redhat.com/errata/RHSA-2026:36634
https://access.redhat.com/errata/RHSA-2026:36791
https://access.redhat.com/errata/RHSA-2026:36792
https://access.redhat.com/errata/RHSA-2026:36768
https://access.redhat.com/errata/RHSA-2026:36798