PT-2022-3924 · Unknown+10 · Xorg-X11-Server+10

Jan-Niklas Sohn

·

Published

2021-04-14

·

Updated

2024-06-15

·

CVE-2022-2319

CVSS v2.0

9.0

High

VectorAV:N/AC:L/Au:N/C:C/I:P/A:P
Name of the Vulnerable Software and Affected Versions Xorg-x11-server (affected versions not specified)
Description A flaw was found in the Xorg-x11-server, where an out-of-bounds access issue can occur in the ProcXkbSetGeometry function due to improper validation of the request length. This can allow a remote attacker to execute arbitrary code or elevate their privileges.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Access Control

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-284CWE-1320CWE-119

Related Identifiers

ALSA-2022:7583
ALSA-2022:8221
ALSA-2022:8222
ALT-PU-2021-1653
ALT-PU-2022-2257
ALT-PU-2023-7278
ALT-PU-2024-3261
AZL-44145
BDU:2022-04748
CESA-2022_5905
CESA-2022_7583
CVE-2022-2319
DLA-3068-1
DSA-5199-1
MGASA-2022-0256
OESA-2022-1834
OPENSUSE-SU-2022_2370-1
OPENSUSE-SU-2022_2375-1
OPENSUSE-SU-2024:12187-1
RHSA-2022:5905
RHSA-2022:7583
RHSA-2022:8221
RHSA-2022:8222
RHSA-2022_5905
RHSA-2022_7583
RHSA-2022_8221
RHSA-2022_8222
RLSA-2022:7583
RLSA-2022:8221
RLSA-2022:8222
SUSE-SU-2022:2369-1
SUSE-SU-2022:2370-1
SUSE-SU-2022:2371-1
SUSE-SU-2022:2372-1
SUSE-SU-2022:2373-1
SUSE-SU-2022:2374-1
SUSE-SU-2022:2375-1
SUSE-SU-2022_2369-1
SUSE-SU-2022_2370-1
SUSE-SU-2022_2371-1
SUSE-SU-2022_2372-1
SUSE-SU-2022_2373-1
SUSE-SU-2022_2374-1
SUSE-SU-2022_2375-1
USN-5510-1
USN-5510-2
ZDI-22-964

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu
Xorg-X11-Server