CVE-2022-46342
published 2022-12-14CVE-2022-46342: A vulnerability was found in X.Org. This security flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
A vulnerability was found in X.Org. This security flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X se
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | xorg-server | < xorg-server 2:21.1.5-1 (bookworm) | xorg-server 2:21.1.5-1 (bookworm) |
| debian | xwayland | < xorg-server 2:21.1.5-1 (bookworm) | xorg-server 2:21.1.5-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| x.org | x_server | — | — |
| x.org | xorg-server | >= 0 < 2:1.20.11-1+deb11u4 | 2:1.20.11-1+deb11u4 |
| x.org | xorg-server | >= 0 < 2:21.1.5-1 | 2:21.1.5-1 |
| x.org | xorg-server | >= 0 < 2:21.1.5-1 | 2:21.1.5-1 |
| x.org | xorg-server | >= 0 < 2:21.1.5-1 | 2:21.1.5-1 |
| x.org | xwayland | >= 0 < 2:22.1.6-1 | 2:22.1.6-1 |
| x.org | xwayland | >= 0 < 2:22.1.6-1 | 2:22.1.6-1 |
| x.org | xwayland | >= 0 < 2:22.1.6-1 | 2:22.1.6-1 |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv8.8HIGH