{"id":"CVE-2026-56000","summary":"xorg-x11-server / xwayland GLX contextTags Use-After-Free in CommonMakeCurrent()","details":"Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent() pointing into potentially reallocated memory.","modified":"2026-07-14T20:30:41.778838Z","published":"2026-07-08T07:36:15.357Z","related":["SUSE-SU-2026:2786-1","SUSE-SU-2026:2787-1","SUSE-SU-2026:2788-1","SUSE-SU-2026:2789-1","SUSE-SU-2026:2791-1","openSUSE-SU-2026:11227-1","openSUSE-SU-2026:11244-1","openSUSE-SU-2026:21273-1","openSUSE-SU-2026:21283-1"],"database_specific":{"cna_assigner":"suse","cwe_ids":["CWE-416"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/56xxx/CVE-2026-56000.json"},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/56xxx/CVE-2026-56000.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-56000"},{"type":"ADVISORY","url":"https://www.openwall.com/lists/oss-security/2026/07/08/2"},{"type":"FIX","url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/2779affbdb4354e894f490e56f962527d6125043"},{"type":"PACKAGE","url":"https://gitlab.freedesktop.org/xorg/xserver/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://gitlab.freedesktop.org/xorg/xserver","events":[{"introduced":"0"},{"fixed":"c5a47fda896aeefbf1d06a73e392a294344f9e1a"},{"fixed":"2779affbdb4354e894f490e56f962527d6125043"}],"database_specific":{"cpe":"cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"fixed":"24.1.13"}],"source":["CPE_RANGE","REFERENCES"]}}],"versions":["xwayland-24.1.12","xwayland-24.1.11","xwayland-24.1.10","xwayland-24.1.9","xwayland-24.1.8","xwayland-24.1.7","xwayland-24.1.6","xwayland-24.1.5","xwayland-24.1.4","xwayland-24.1.3","xwayland-24.1.2","xwayland-24.1.1","xwayland-24.1.0","xwayland-24.0.99.902","xwayland-24.0.99.901","xorg-server-21.0.99.1","xorg-server-1.20.0","xorg-server-1.19.99.905","xorg-server-1.19.99.904","xorg-server-1.19.99.903","xorg-server-1.19.99.902","xorg-server-1.19.99.901","xorg-server-1.19.0","xorg-server-1.18.99.902","xorg-server-1.18.99.901","xorg-server-1.18.99.2","xorg-server-1.18.0","xorg-server-1.17.99.902","xorg-server-1.17.99.901","xorg-server-1.17.0","xorg-server-1.16.99.902","xorg-server-1.16.99.901","xorg-server-1.16.0","xorg-server-1.15.99.904","xorg-server-1.15.99.903","xorg-server-1.15.99.902","xorg-server-1.15.99.901","xorg-server-1.15.0","xorg-server-1.14.99.905","xorg-server-1.14.99.904","xorg-server-1.14.99.903","xorg-server-1.14.99.902","xorg-server-1.14.99.901","xorg-server-1.14.99.3","xorg-server-1.14.99.2","xorg-server-1.14.99.1","xorg-server-1.14.0","xorg-server-1.13.99.902","xorg-server-1.13.99.901","xorg-server-1.13.0","xorg-server-1.12.99.905","xorg-server-1.12.99.904","xorg-server-1.12.99.903","xorg-server-1.12.99.902","xorg-server-1.12.99.901","xorg-server-1.12.0","xorg-server-1.11.99.903","xorg-server-1.11.99.902","xorg-server-1.11.99.901","xorg-server-1.11.99.1","xorg-server-1.11.0","xorg-server-1.10.99.902","xorg-server-1.10.99.901","xorg-server-1.10.0","xorg-server-1.9.99.903","xorg-server-1.9.99.902","xorg-server-1.9.99.901","xorg-server-1.9.0","xorg-server-1.8.99.906","xorg-server-1.8.99.905","xorg-server-1.8.99.904","xorg-server-1.8.99.903","xorg-server-1.8.99.902","xorg-server-1.8.99.901","xorg-server-1.8.0","xorg-server-1.7.99.902","xorg-server-1.7.99.901","xorg-server-1.7.99.2","xorg-server-1.7.99.1","xorg-server-1.6.99.901","xorg-server-1.6.99.900","xorg-server-1.5.99.1","xorg-server-1.1.99.3","xorg-server-1_1_99_2","xorg-server-1_0_99_901","XORG-7_0_99_901","xorg-server-1_1_99_1","xorg-server-1_0_99_2","xorg-server-1_0_99_1","XORG-7_0","pre-xgldrop-merge","XORG-6_99_99_904","MODULAR_COPY","XORG-6_99_99_903","XORG-6_8_99_903","DRM-2_0_0","XORG-6_99_99_902","XORG-6_8_99_902","DRM-1_0_5","XORG-6_99_99_901","XORG-6_8_99_901","DRM-20051017","kdrive-initial-import","xorg-server-0_99_1","XORG-6_99_99_900","XORG-6_8_99_900","XORG-6_8_99_16","XORG-6_8_99_15","XORG-6_8_99_14","XORG-6_8_99_13","XORG-6_8_99_12","DRM-20050615","sco_port_update-base","XORG-6_8_99_11","XORG-6_8_99_10","XORG-6_8_99_9","XORG-6_8_99_8","XORG-6_8_99_7","XORG-6_8_99_6","XORG-6_8_99_5","XORG-6_8_99_4","XORG-6_8_99_3","XORG-6_8_99_2","XORG-6_8_99_1","lg3d-base","XORG-6_8_0","XORG-6_7_99_904","XORG-6_7_99_903","XORG-6_7_99_902","XORG-6_7_99_901","XORG-6_7_99_2","XORG-6_7_99_1","DRM-20040721","DRI-trunk-20040721","DRI-trunk-20040613","DRI-XFree86-4_3_99_12-merge","DRM-20040613","XACE-SELINUX-MERGE","xf86-4_4_99_1","xf86-4_4_0","xf86-4_3_99_903","xf86-4_3_99_903_special","add-Xi","xf86-012804-2330","xf86-4_3_99_902","xf86-4_3_99_901","dri-0-1-branchpoint","xf86-4_3_99_16","xf86-4_3_0_1","PRE_xf86-4_3_0_1","XORG-MAIN","xfixes_2_branchpoint","keithp","xf-4_3_99_6","xf-4_3_99_5","xf-4_3_99_4","xf-4_3_99_3","xf-4_3_99_2","xf-4_3_99_1","xf-4_3_0_1","xf-4_3_0","xf-4_2_99_902","xf-4_2_99_901","xf-4_2_99_4","xf-4_2_99_3","ah-20021030-postdri","xf-4_2_99_2","ah-20021030","dhd-20020916","xf-4_2_99_1","dri-20020222-merge","before-mesa-4_0-import","dri-20020129-merge","xf-4_2_1_1","xf-4_2_1","xf-4_2_0_1","xf-4_2_0-bindist-1","xf-4_2_0-bindist","xf-4_2_0","xf-4_2-bp","xf-4_1_99_7","xf-4_1_99_6","xf-4_1_99_5","xf-4_1_99_4","Domain-sync4","Domain-sync3","xf-4_1_99_3","xf-4_1_99_2","Domain-sync2","Domain-sync1","Domain-base","xf-4_1_99_1","dhd-20010817","xf-4_0_99_900","xf-4_0_99_3","xf-4_0_99_2","dhd-20010328","xf-4_0_99_1","xf-4_0_2-bindist","xf-4_0_2","xf-4_0_1Zc","xf-4_0_1Zb","pre-R651-import","xf-4_0_1Za","xf-4_0_1Z","xf-4_0_1h","xf-4_0_1g","xf-4_0_1f","xf-4_0_1e","xf-4_0_1d","xf-4_0_1c","xf-4_0_1b","xf-4_0g","xf-4_0f","xf-4_0e","xf-4_0d","xf-4_0c","xf-4_0_1a","xf-4_0_1-bindist","xf-4_0_1","xf-4_0Z","xf-4_0b","xf-4_0a","xf-4_0-bindist","xf-4_0","xf-3_9_18b","xf-3_9_18a","xf-3_9_18Za","xf-3_9_18Z","xf-3_9_18","xf-3_9_17f","xf-3_9_17e","xf-3_9_17d","xf-3_9_17c","xf-3_9_17b","xf-3_9_17a","xf-3_9_17Z","xf-3_9_17","xf-3_9_16Za","xf-3_9_16f","xf-3_9_16e","xf-3_9_16d","xf-3_9_16Z"],"database_specific":{"vanir_signatures":[{"id":"CVE-2026-56000-1eb66220","signature_type":"Line","signature_version":"v1","source":"https://gitlab.freedesktop.org/xorg/xserver@2779affbdb4354e894f490e56f962527d6125043","target":{"file":"glx/vndcmds.c"},"deprecated":false,"digest":{"line_hashes":["26528802146205448982549149324329759841","324428784491797412274511116477361628678","139723438212190103608208512547304349993","293550403756843557699337264008343925607","310721306520338205900229397895117890080","224728677515641125050902666596200622327","126036847386262721829419563346249005159","200155076335444321006559343227506359941","197917230748099180803045588100327109290"],"threshold":0.9}},{"target":{"file":"glx/vndcmds.c","function":"CommonMakeCurrent"},"deprecated":false,"digest":{"length":1260,"function_hash":"144673586255974078079915957734256006091"},"id":"CVE-2026-56000-f15fe7ec","signature_type":"Function","signature_version":"v1","source":"https://gitlab.freedesktop.org/xorg/xserver@2779affbdb4354e894f490e56f962527d6125043"}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-56000.json","vanir_signatures_modified":"2026-07-14T20:30:41Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"}]}