Lucene search

PRIOn knowledge basePRION:CVE-2022-46343

HistoryDec 14, 2022 - 9:15 p.m.

Design/Logic Flaw

2022-12-1421:15:00

PRIOn knowledge base

www.prio-n.com

x.org

logic flaw

security vulnerability

memory write

local privileges elevation

remote code execution

8.7 High

AI Score

Confidence

High

0.036 Low

EPSS

Percentile

91.7%

JSON

A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.

CPENameOperatorVersion
debian_linuxeq11.0
fedoraeq36
fedoraeq37
x_servereq1.20.4

Name	Operator	Version
debian_linux	eq	11.0
fedora	eq	36
fedora	eq	37
x_server	eq	1.20.4

References

access.redhat.com/security/cve/CVE-2022-46343

bugzilla.redhat.com/show_bug.cgi?id=2151758

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/

security.gentoo.org/glsa/202305-30

www.debian.org/security/2022/dsa-5304