CVE-2022-46341 — Out-of-bounds Write in X.org Foundation Xorg-x11-server

CWE-787 — Out-of-bounds Write10 documents8 sources

Severity

8.8HIGHNVD

EPSS

1.2%

top 21.22%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

X.org Xorg-server X.org Xwayland THE X.org Foundation Xorg-x11-server +3 more

Timeline

PublishedDec 14

Latest updateFeb 16

Description

A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages4 packages

▶CVEListV5the_x.org_foundation/xorg-x11-serverxorg-x11-server-1.20.4

▶Debianx.org/xorg-server< 2:1.20.11-1+deb11u4+3

▶NVDx.org/x_server1.20.4

▶Debianx.org/xwayland< 2:22.1.6-1+2

Also affects: Debian Linux 11.0, Fedora 36, 37

🔴Vulnerability Details

OSV

CVE-2022-46341: A vulnerability was found in X↗2022-12-14

▶

GHSA

GHSA-cj4x-645f-6pwx: A vulnerability was found in X↗2022-12-14

▶

CVEList

CVE-2022-46341: A vulnerability was found in X↗2022-12-14

▶

📋Vendor Advisories

Ubuntu

X.Org X Server vulnerabilities↗2023-02-16

▶

BSD

OpenBSD 7.2 Errata 009: SECURITY FIX↗2022-12-14

▶

Ubuntu

X.Org X Server vulnerabilities↗2022-12-14

▶

Red Hat

xorg-x11-server: XIPassiveUngrab out-of-bounds access↗2022-12-14

▶

BSD

OpenBSD 7.1 Errata 015: SECURITY FIX↗2022-12-14

▶