Rapid7 Vulnerability & Exploit Database

SUSE: CVE-2022-46343: SUSE Linux Security Advisory

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

SUSE: CVE-2022-46343: SUSE Linux Security Advisory

Severity

CVSS

(AV:L/AC:M/Au:N/C:P/I:P/A:P)

Published

12/14/2022

Created

12/16/2022

Added

12/15/2022

Modified

06/13/2023

Description

A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.

Solution(s)

suse-upgrade-xorg-x11-server
suse-upgrade-xorg-x11-server-extra
suse-upgrade-xorg-x11-server-sdk
suse-upgrade-xorg-x11-server-source
suse-upgrade-xorg-x11-server-wayland
suse-upgrade-xorg-x11-server-xvfb
suse-upgrade-xwayland
suse-upgrade-xwayland-devel

References

https://attackerkb.com/topics/cve-2022-46343
CVE - 2022-46343
DSA-5304

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

SUSE: CVE-2022-46343: SUSE Linux Security Advisory

SUSE: CVE-2022-46343: SUSE Linux Security Advisory

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.