CVE-2022-2319

CWE-13208 documents7 sources
Severity
7.8HIGH
EPSS
0.0%
top 89.85%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
X.org X Server
Timeline
PublishedSep 1
Latest updateSep 2

Description

A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur in the ProcXkbSetGeometry function due to improper validation of the request length.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

Debianxorg-server< 2:1.20.11-1+deb11u2+3
CVEListV5xorg-x11-serverxorg-x11-server 21.1
NVDx.org/x_server21.1.0
Debianxwayland< 2:22.1.3-1+2

Patches

Patch: gitlab.freedesktop.orgPatch: gitlab.freedesktop.orgPatch: lists.freedesktop.org

🔴Vulnerability Details

3
GHSA
GHSA-gq7h-9qq6-mccc: A flaw was found in the Xorg-x11-server2022-09-02
OSV
CVE-2022-2319: A flaw was found in the Xorg-x11-server2022-09-01
CVEList
CVE-2022-2319: A flaw was found in the Xorg-x11-server2022-09-01

📋Vendor Advisories

4
Red Hat
xorg-x11-server: X.Org Server ProcXkbSetGeometry out-of-bounds access2022-07-13
Ubuntu
X.Org X Server vulnerabilities2022-07-12
Ubuntu
X.Org X Server vulnerabilities2022-07-12
Debian
CVE-2022-2319: xorg-server - A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur...2022
CVE-2022-2319 (HIGH CVSS 7.8) | A flaw was found in the Xorg-x11-se | cvebase.io