CLSA-2026-1778110872

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1778110872.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLSA-2026-1778110872
Upstream
Published
2026-05-06T23:41:17Z
Modified
2026-05-27T11:17:23.549339936Z
Summary
xorg-x11-server-Xwayland: Fix of 3 CVEs
Details
  • CVE-2024-0408: fix XSELinux crash by calling XACE hooks when creating GLX buffers
  • CVE-2025-49175: fix out-of-bounds read in animated cursor creation when client provides zero cursors
  • CVE-2025-49178: fix possible client request hang caused by leftover bytes-to-ignore when sharing input buffer
References

Affected packages

TuxCare:AlmaLinux:9.2 / xorg-x11-server-Xwayland

Package

Name
xorg-x11-server-Xwayland
Purl
pkg:rpm/tuxcare/xorg-x11-server-Xwayland?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
21.1.3-7.el9.tuxcare.els15

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1778110872.json"

TuxCare:AlmaLinux:9.2 / xorg-x11-server-Xwayland-devel

Package

Name
xorg-x11-server-Xwayland-devel
Purl
pkg:rpm/tuxcare/xorg-x11-server-Xwayland-devel?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
21.1.3-7.el9.tuxcare.els15

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1778110872.json"