Critical Vulnerabilities in xorg-server Affecting Slackware and SUSE Systems

Critical Vulnerabilities in xorg-server Affecting Slackware and SUSE Systems

First seen 9 Jul 2026, 10:55 UTC Linuxsecuritywww.slackware.com 87% similarity 72.0

Article Content

Browse articles
ThreatCluster

Recent updates have addressed critical vulnerabilities in xorg-server affecting Slackware and SUSE systems. The vulnerabilities include CVE-2026-55999, a heap buffer overflow due to a missing bounds check in `glamor_font_get`, and CVE-2026-56000, a use-after-free issue in `CommonMakeCurrent`. These vulnerabilities can be exploited by processing malicious PCF files or through interactions with malicious clients creating GLX contexts. The flaws were confirmed and patched on July 8, 2026, with significant implications for users of Slackware 15.0 and SUSE Linux Enterprise Server. Users are advised to apply the patches immediately to mitigate potential exploitation risks. The vulnerabilities are rated as important, indicating a serious risk to system integrity and security.

Key Points: • CVE-2026-55999 and CVE-2026-56000 patched in xorg-server for Slackware and SUSE. • Heap buffer overflow and use-after-free vulnerabilities can be exploited by malicious files or clients. • Immediate patching is recommended to protect affected systems from potential attacks.

ThreatCluster AI

Timeline

2026-07-08
CVE-2026-55999 published
A heap buffer overflow vulnerability in `glamor_font_get` was disclosed and patched.
Linuxsecurity
2026-07-08
CVE-2026-56000 published
A use-after-free vulnerability in `CommonMakeCurrent` was disclosed and patched.
Linuxsecurity
2026-07-08
Slackware xorg-server update released
Slackware released patches for xorg-server addressing critical vulnerabilities.
Linuxsecurity
2026-07-08
SUSE xorg-x11-server updates released
Multiple SUSE updates were issued to fix vulnerabilities in xorg-x11-server.
Linuxsecurity

Community

Browse all →