Vulnerability CVE-2022-46342: Information

Description

A vulnerability was found in X.Org. This security flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X se

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Published: Dec. 15, 2022
Modified: May 30, 2023
Error type identifier: CWE-416

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
xorg-serversisyphus_e2k1.20.14-alt8.E2K.121.1.3-alt1.E2K.1ALT-PU-2023-3913-1-Fixed
xorg-serverp101.20.14-alt61.20.14-alt11ALT-PU-2022-3399-1311677Fixed
xorg-serverp10_e2k1.20.14-alt8.E2K.21.20.14-alt9.E2K.1ALT-PU-2023-6819-1-Fixed
xorg-serverp91.20.8-alt101.20.8-alt12ALT-PU-2023-7278-2334512Fixed
xorg-serverc10f11.20.14-alt61.20.14-alt9ALT-PU-2022-3399-1311677Fixed

References to Advisories, Solutions, and Tools

    1. Configuration 1

      cpe:2.3:a:x.org:x_server:1.20.4:*:*:*:*:*:*:*

      Running on/with:
      cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

      Running on/with:
      cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

      Running on/with:
      cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

      Running on/with:
      cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

      Configuration 2

      cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*

      cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*

      Configuration 3

      cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*