vulnerability

Ubuntu: (Multiple Advisories) (CVE-2022-46343): X.Org X Server vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:L/Au:S/C:C/I:C/A:C)	Dec 14, 2022	Dec 15, 2022	Aug 18, 2025

Severity

CVSS

(AV:N/AC:L/Au:S/C:C/I:C/A:C)

Published

Dec 14, 2022

Added

Dec 15, 2022

Modified

Aug 18, 2025

Description

A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.

Solutions

ubuntu-pro-upgrade-xserver-xorg-coreubuntu-pro-upgrade-xserver-xorg-core-hwe-16-04ubuntu-pro-upgrade-xserver-xorg-core-hwe-18-04ubuntu-pro-upgrade-xwaylandubuntu-pro-upgrade-xwayland-hwe-16-04ubuntu-pro-upgrade-xwayland-hwe-18-04

References

CVE-2022-46343
https://attackerkb.com/topics/CVE-2022-46343
CWE-416
DEBIAN-DSA-5304
NVD-CVE-2022-46343
UBUNTU-USN-5778-1
UBUNTU-USN-5778-2

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today