vulnerability

Red Hat: CVE-2022-4283: XkbGetKbdByName use-after-free (Multiple Advisories)

Try Surface Command
Back to search
Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
2022-12-14
Added
2023-01-12
Modified
2025-01-28

Description

A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.

Solution(s)

redhat-upgrade-tigervncredhat-upgrade-tigervnc-debuginforedhat-upgrade-tigervnc-debugsourceredhat-upgrade-tigervnc-iconsredhat-upgrade-tigervnc-licenseredhat-upgrade-tigervnc-selinuxredhat-upgrade-tigervnc-serverredhat-upgrade-tigervnc-server-appletredhat-upgrade-tigervnc-server-debuginforedhat-upgrade-tigervnc-server-minimalredhat-upgrade-tigervnc-server-minimal-debuginforedhat-upgrade-tigervnc-server-moduleredhat-upgrade-tigervnc-server-module-debuginforedhat-upgrade-xorg-x11-server-commonredhat-upgrade-xorg-x11-server-debuginforedhat-upgrade-xorg-x11-server-debugsourceredhat-upgrade-xorg-x11-server-develredhat-upgrade-xorg-x11-server-sourceredhat-upgrade-xorg-x11-server-xdmxredhat-upgrade-xorg-x11-server-xdmx-debuginforedhat-upgrade-xorg-x11-server-xephyrredhat-upgrade-xorg-x11-server-xephyr-debuginforedhat-upgrade-xorg-x11-server-xnestredhat-upgrade-xorg-x11-server-xnest-debuginforedhat-upgrade-xorg-x11-server-xorgredhat-upgrade-xorg-x11-server-xorg-debuginforedhat-upgrade-xorg-x11-server-xvfbredhat-upgrade-xorg-x11-server-xvfb-debuginforedhat-upgrade-xorg-x11-server-xwaylandredhat-upgrade-xorg-x11-server-xwayland-debuginforedhat-upgrade-xorg-x11-server-xwayland-debugsource

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today