xorg-server is vulnerable to remote code execution. The vulnerability exists because the handler for the XIPassiveUngrab
request accesses out-of-bounds memory when invoked with a high keycode or button code.
access.redhat.com/security/cve/CVE-2022-46341
bugzilla.redhat.com/show_bug.cgi?id=2151756
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/
lists.fedoraproject.org/archives/list/[email protected]/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/
lists.fedoraproject.org/archives/list/[email protected]/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/
lists.fedoraproject.org/archives/list/[email protected]/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/
secdb.alpinelinux.org/edge/community.yaml
secdb.alpinelinux.org/v3.17/community.yaml
security.gentoo.org/glsa/202305-30
www.debian.org/security/2022/dsa-5304