CVE-2026-34002 — MEDIUM (6.1)

Vulnerability Description

A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory boundaries. This can lead to the exposure of sensitive information or cause the server to crash, resulting in a denial of service.

CVSS Score

6.1

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

LOW

Affected Products

Vendor	Product	Versions
X.Org	X Server	-
Redhat	Enterprise Linux	6.0

Related Weaknesses (CWE)

CWE-805

References

https://access.redhat.com/security/cve/CVE-2026-34002Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2451112Issue TrackingThird Party Advisory

FAQ

What is CVE-2026-34002?

CVE-2026-34002 is a vulnerability with a CVSS score of 6.1 (MEDIUM). A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit t...

How severe is CVE-2026-34002?

CVE-2026-34002 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-34002?

Check the references section above for vendor advisories and patch information. Affected products include: X.Org X Server, Redhat Enterprise Linux.