Back

Critical DoS Vulnerabilities in openSUSE xorg-x11-server Addressed

Severity: High (Score: 75.0)

Sources: Linuxsecurity

Summary

On April 15, 2026, SUSE released important updates for the xorg-x11-server to address multiple denial-of-service (DoS) vulnerabilities. The vulnerabilities include CVE-2026-33999, CVE-2026-34000, CVE-2026-34001, CVE-2026-34002, and CVE-2026-34003, which involve issues such as integer underflow, out-of-bounds reads, use-after-free, and buffer overflow. These vulnerabilities could potentially allow attackers to crash the xorg-x11-server, affecting systems running openSUSE Leap 15.6 and SUSE Linux Enterprise Server 15 SP6 LTSS. Users are advised to apply the patches using the recommended installation methods, including YaST online_update or zypper patch. The updates are critical for maintaining system stability and security. The vulnerabilities were reported under bug tracking numbers bsc#1260922 to bsc#1260926. The patches are available for various architectures, including x86_64 and aarch64. Current status indicates that users should prioritize applying these updates immediately. Key Points: • Multiple critical DoS vulnerabilities in xorg-x11-server identified and patched. • Affected systems include openSUSE Leap 15.6 and SUSE Linux Enterprise Server 15 SP6 LTSS. • Users are urged to apply patches using YaST or zypper to mitigate risks.

Key Entities

  • DDoS (attack_type)
  • Denial of Service (attack_type)
  • CVE-2026-33999 (cve)
  • CVE-2026-34000 (cve)
  • CVE-2026-34001 (cve)
  • CVE-2026-34002 (cve)
  • CVE-2026-34003 (cve)
  • OpenSUSE Leap 15.6 (platform)
  • SUSE Linux Enterprise Server 15 SP6 LTSS (platform)
  • Xorg-x11-server (platform)
  • Xvfb (platform)
  • YaST (platform)
  • SuSE (company)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed