vulnerability

Amazon Linux AMI: CVE-2022-46343: Security patch for xorg-x11-server (ALAS-2023-1689)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:L/Au:S/C:C/I:C/A:C)	Dec 14, 2022	Feb 23, 2023	May 21, 2025

Severity

CVSS

(AV:N/AC:L/Au:S/C:C/I:C/A:C)

Published

Dec 14, 2022

Added

Feb 23, 2023

Modified

May 21, 2025

Description

A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.

Solution

amazon-linux-upgrade-xorg-x11-server

References

AMAZON-ALAS-2023-1689
NVD-CVE-2022-46343
UBUNTU-USN-5778-1

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report