Lucene search
Ubuntu.comUB:CVE-2022-2320HistoryJul 12, 2022 - 12:00 a.m.
CVE-2022-2320
2022-07-1200:00:00
ubuntu.com
ubuntu.com
9
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
35.7%
A flaw was found in the Xorg-x11-server. The specific flaw exists within
the handling of ProcXkbSetDeviceInfo requests. The issue results from the
lack of proper validation of user-supplied data, which can result in a
memory access past the end of an allocated buffer. This flaw allows an
attacker to escalate privileges and execute arbitrary code in the context
of root.
Notes
| Author | Note |
|---|---|
| mdeslaur | xorg server is actually the xorg-server package the xorg package only contains docs xwayland package contains parts of xorg-server |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 18.04 | noarch | xorg-server | < 2:1.19.6-1ubuntu4.11 | UNKNOWN |
| ubuntu | 20.04 | noarch | xorg-server | < 2:1.20.13-1ubuntu1~20.04.3 | UNKNOWN |
| ubuntu | 21.10 | noarch | xorg-server | < 2:1.20.13-1ubuntu1.2 | UNKNOWN |
| ubuntu | 22.04 | noarch | xorg-server | < 2:21.1.3-2ubuntu2.1 | UNKNOWN |
| ubuntu | 22.10 | noarch | xorg-server | < 2:21.1.3-2ubuntu3 | UNKNOWN |
| ubuntu | 23.04 | noarch | xorg-server | < 2:21.1.3-2ubuntu3 | UNKNOWN |
| ubuntu | 23.10 | noarch | xorg-server | < 2:21.1.3-2ubuntu3 | UNKNOWN |
| ubuntu | 24.04 | noarch | xorg-server | < 2:21.1.3-2ubuntu3 | UNKNOWN |
| ubuntu | 14.04 | noarch | xorg-server | < any | UNKNOWN |
| ubuntu | 16.04 | noarch | xorg-server | < 2:1.18.4-0ubuntu0.12+esm2 | UNKNOWN |
Related
redhatcve
redhatcve
CVE-2022-2320
2022-07-13 10:16:04
veracode
veracode
Out-Of-Bounds Access
2022-07-18 23:24:13
prion
prion
Buffer overflow
2022-09-01 21:15:00
zdi
zdi
nvd
nvd
CVE-2022-2320
2022-09-01 21:15:09
cve
cve
CVE-2022-2320
2022-09-01 21:15:09
debiancve
debiancve
CVE-2022-2320
2022-09-01 21:15:09
osv
osv
CVE-2022-2320
2022-09-01 21:15:09
Moderate: xorg-x11-server security and bug fix update
2022-11-15 06:18:41
alpinelinux
alpinelinux
CVE-2022-2320
2022-09-01 21:15:09
cvelist
cvelist
CVE-2022-2320
2022-09-01 00:00:00
nessus
nessus
Rocky Linux 9 : xorg-x11-server (RLSA-2022:8221)
2023-11-07 00:00:00
SUSE SLES12 Security Update : xorg-x11-server (SUSE-SU-2022:2373-1)
2022-07-13 00:00:00
openvas
openvas
Fedora: Security Advisory for xorg-x11-server (FEDORA-2022-573714ca6b)
2022-07-30 00:00:00
Debian: Security Advisory (DSA-5199-1)
2022-08-07 00:00:00
CentOS: Security Advisory for xorg-x11-server-common (CESA-2022:5905)
2022-08-05 00:00:00
oraclelinux
oraclelinux
xorg-x11-server-Xwayland security update
2022-11-22 00:00:00
xorg-x11-server security update
2022-08-04 00:00:00
xorg-x11-server security and bug fix update
2022-11-22 00:00:00
gentoo
gentoo
X.Org X server, XWayland: Multiple Vulnerabilities
2022-10-31 00:00:00
debian
debian
[SECURITY] [DSA 5199-1] xorg-server security update
2022-08-06 15:16:10
[SECURITY] [DLA 3068-1] xorg-server security update
2022-08-04 15:57:26
altlinux
altlinux
Security fix for the ALT Linux 10 package xorg-server version 2:1.20.14-alt4
2022-07-15 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: xorg-x11-server-Xwayland-22.1.3-1.fc36
2022-07-15 01:18:18
[SECURITY] Fedora 36 Update: xorg-x11-server-1.20.14-7.fc36
2022-07-15 01:18:15
[SECURITY] Fedora 35 Update: xorg-x11-server-1.20.14-7.fc35
2022-07-29 01:24:50
ubuntu
ubuntu
X.Org X Server vulnerabilities
2022-07-12 00:00:00
X.Org X Server vulnerabilities
2022-07-12 00:00:00
redhat
redhat
(RHSA-2022:5905) Important: xorg-x11-server security update
2022-08-04 09:54:38
(RHSA-2022:8221) Moderate: xorg-x11-server security and bug fix update
2022-11-15 06:18:41
slackware
slackware
SSA-2022-0928190027
2022-09-28 19:00:27
[slackware-security] xorg-server
2022-07-13 20:04:43
almalinux
almalinux
Moderate: xorg-x11-server and xorg-x11-server-Xwayland security and bug fix update
2022-11-08 00:00:00
Moderate: xorg-x11-server-Xwayland security update
2022-11-15 00:00:00
Moderate: xorg-x11-server security and bug fix update
2022-11-15 00:00:00
redos
redos
ROS-20220721-01
2022-07-21 00:00:00
centos
centos
xorg security update
2022-08-04 19:09:12
rocky
rocky
xorg-x11-server and xorg-x11-server-Xwayland security and bug fix update
2022-11-08 06:23:38
xorg-x11-server security and bug fix update
2022-11-15 06:18:41
xorg-x11-server-Xwayland security update
2022-11-15 06:18:43
amazon
amazon
Important: xorg-x11-server
2022-09-30 07:04:00
Important: xorg-x11-server
2023-02-17 00:02:00
suse
suse
Security update for xorg-x11-server (important)
2022-07-12 00:00:00
Security update for xorg-x11-server (important)
2022-07-12 00:00:00
ibm
ibm
mageia
mageia
Updated x11-server packages fix security vulnerabilities
2022-07-13 10:25:41
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
35.7%
Related for UB:CVE-2022-2320