vulnerability
Red Hat: CVE-2022-2320: CVE-2022-2320 xorg-x11-server: out-of-bounds access in ProcXkbSetDeviceInfo request handler of the Xkb extension (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:S/C:C/I:C/A:C) | 2022-08-04 | 2022-08-11 | 2025-01-28 |
Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
2022-08-04
Added
2022-08-11
Modified
2025-01-28
Description
A flaw was found in the Xorg-x11-server. The specific flaw exists within the handling of ProcXkbSetDeviceInfo requests. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. This flaw allows an attacker to escalate privileges and execute arbitrary code in the context of root.
Solution(s)
redhat-upgrade-xorg-x11-server-commonredhat-upgrade-xorg-x11-server-debuginforedhat-upgrade-xorg-x11-server-debugsourceredhat-upgrade-xorg-x11-server-develredhat-upgrade-xorg-x11-server-sourceredhat-upgrade-xorg-x11-server-xdmxredhat-upgrade-xorg-x11-server-xdmx-debuginforedhat-upgrade-xorg-x11-server-xephyrredhat-upgrade-xorg-x11-server-xephyr-debuginforedhat-upgrade-xorg-x11-server-xnestredhat-upgrade-xorg-x11-server-xnest-debuginforedhat-upgrade-xorg-x11-server-xorgredhat-upgrade-xorg-x11-server-xorg-debuginforedhat-upgrade-xorg-x11-server-xvfbredhat-upgrade-xorg-x11-server-xvfb-debuginforedhat-upgrade-xorg-x11-server-xwaylandredhat-upgrade-xorg-x11-server-xwayland-debuginforedhat-upgrade-xorg-x11-server-xwayland-debugsourceredhat-upgrade-xorg-x11-xtrans-devel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.