A flaw was found in the Xorg-x11-server. The specific flaw exists within the handling of ProcXkbSetDeviceInfo requests. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. This flaw allows an attacker to escalate privileges and execute arbitrary code in the context of root.

CPENameOperatorVersion
xorg-servereq21.1.0

CPE	Name	Operator	Version
	xorg-server	eq	21.1.0

References

github.com/freedesktop/xorg-xserver/commit/dd8caf39e9e15d8f302e54045dd08d8ebf1025dc

gitlab.freedesktop.org/xorg/xserver/-/merge_requests/938

gitlab.freedesktop.org/xorg/xserver/-/merge_requests/939

lists.freedesktop.org/archives/xorg-announce/2022-July/003192.html

security.gentoo.org/glsa/202210-30

security.netapp.com/advisory/ntap-20221104-0003/

www.zerodayinitiative.com/advisories/ZDI-22-963/

redhatcve 1

veracode 1

ubuntucve 1

zdi 1

nvd 1

cvelist 1

cve 1

debiancve 1

osv 11

alpinelinux 1

openvas 30

nessus 44

fedora 4

ubuntu 2

redhat 4

slackware 2

almalinux 3

oraclelinux 4

gentoo 1

altlinux 1

debian 2

redos 1

centos 1

rocky 3

amazon 2

suse 2

mageia 1

ibm 1

redhatcve

CVE-2022-2320

2022-07-13 10:16:04

veracode

Out-Of-Bounds Access

2022-07-18 23:24:13

ubuntucve

CVE-2022-2320

2022-07-12 00:00:00

zdi

X.Org Server ProcXkbSetDeviceInfo Out-Of-Bounds Access Local Privilege Escalation Vulnerability

2022-07-12 00:00:00

nvd

CVE-2022-2320

2022-09-01 21:15:09

cvelist

CVE-2022-2320

2022-09-01 00:00:00

cve

CVE-2022-2320

2022-09-01 21:15:09

debiancve

CVE-2022-2320

2022-09-01 21:15:09

osv

CVE-2022-2320

2022-09-01 21:15:09

Moderate: xorg-x11-server and xorg-x11-server-Xwayland security and bug fix update

2022-11-08 00:00:00

xorg-server, xorg-server-hwe-18.04, xwayland vulnerabilities

2022-07-12 13:38:41

alpinelinux

CVE-2022-2320

2022-09-01 21:15:09

openvas

Huawei EulerOS: Security Advisory for xorg-x11-server (EulerOS-SA-2023-1699)

2023-05-08 00:00:00

Mageia: Security Advisory (MGASA-2022-0256)

2022-07-14 00:00:00

Slackware: Security Advisory (SSA:2022-194-01)

2022-07-14 00:00:00

nessus

SUSE SLES15 Security Update : xorg-x11-server (SUSE-SU-2022:2371-1)

2022-07-13 00:00:00

Debian DLA-3068-1 : xorg-server - LTS security update

2022-08-04 00:00:00

Oracle Linux 7 : xorg-x11-server (ELSA-2022-5905)

2022-08-05 00:00:00

fedora

[SECURITY] Fedora 36 Update: xorg-x11-server-Xwayland-22.1.3-1.fc36

2022-07-15 01:18:18

[SECURITY] Fedora 36 Update: xorg-x11-server-1.20.14-7.fc36

2022-07-15 01:18:15

[SECURITY] Fedora 35 Update: xorg-x11-server-Xwayland-21.1.4-2.fc35

2022-07-29 01:24:52

ubuntu

X.Org X Server vulnerabilities

2022-07-12 00:00:00

X.Org X Server vulnerabilities

2022-07-12 00:00:00

redhat

(RHSA-2022:5905) Important: xorg-x11-server security update

2022-08-04 09:54:38

(RHSA-2022:8221) Moderate: xorg-x11-server security and bug fix update

2022-11-15 06:18:41

(RHSA-2022:7583) Moderate: xorg-x11-server and xorg-x11-server-Xwayland security and bug fix update

2022-11-08 06:23:38

slackware

SSA-2022-0928190027

2022-09-28 19:00:27

[slackware-security] xorg-server

2022-07-13 20:04:43

almalinux

Moderate: xorg-x11-server and xorg-x11-server-Xwayland security and bug fix update

2022-11-08 00:00:00

Moderate: xorg-x11-server-Xwayland security update

2022-11-15 00:00:00

Moderate: xorg-x11-server security and bug fix update

2022-11-15 00:00:00

oraclelinux

xorg-x11-server-Xwayland security update

2022-11-22 00:00:00

xorg-x11-server security update

2022-08-04 00:00:00

xorg-x11-server security and bug fix update

2022-11-22 00:00:00

gentoo

X.Org X server, XWayland: Multiple Vulnerabilities

2022-10-31 00:00:00

altlinux

Security fix for the ALT Linux 10 package xorg-server version 2:1.20.14-alt4

2022-07-15 00:00:00

debian

[SECURITY] [DSA 5199-1] xorg-server security update

2022-08-06 15:16:10

[SECURITY] [DLA 3068-1] xorg-server security update

2022-08-04 15:57:26

redos

ROS-20220721-01

2022-07-21 00:00:00

centos

xorg security update

2022-08-04 19:09:12

rocky

xorg-x11-server and xorg-x11-server-Xwayland security and bug fix update

2022-11-08 06:23:38

xorg-x11-server security and bug fix update

2022-11-15 06:18:41

xorg-x11-server-Xwayland security update

2022-11-15 06:18:43

amazon

Important: xorg-x11-server

2022-09-30 07:04:00

Important: xorg-x11-server

2023-02-17 00:02:00

suse

Security update for xorg-x11-server (important)

2022-07-12 00:00:00

Security update for xorg-x11-server (important)

2022-07-12 00:00:00

mageia

Updated x11-server packages fix security vulnerabilities

2022-07-13 10:25:41

ibm

Security Bulletin: IBM Security Guardium is affected by an out-of-bounds access issue vulnerability (CVE-2022-2319, CVE-2022-2320)

2023-03-06 13:57:05

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.7%

JSON

Related for PRION:CVE-2022-2320