PT-2022-7131 · Unknown+9 · X.Org Server+9

Peter Hutterer

·

Published

2022-07-05

·

Updated

2024-10-08

·

CVE-2022-3550

CVSS v2.0

9.0

High

VectorAV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions X.org Server (affected versions not specified)
Description A critical vulnerability was found in X.org Server, affecting the GetCountedString function of the xkb/xkb.c file. The manipulation leads to a buffer overflow. This issue can be exploited by a remote attacker to gain access to confidential data, compromise data integrity, and cause a denial of service.
Recommendations To fix this issue, it is recommended to apply a patch. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-120

Related Identifiers

ALSA-2023:2248
ALSA-2023:2249
ALSA-2023:2805
ALSA-2023:2806
ALT-PU-2022-3365
AZL-45042
BDU:2023-07830
CESA-2022_8491
CESA-2023_2805
CESA-2023_2806
CVE-2022-3550
DLA-3185-1
DSA-5278-1
MGASA-2022-0431
OPENSUSE-SU-2022_3857-1
OPENSUSE-SU-2022_3862-1
OPENSUSE-SU-2022_3941-1
OPENSUSE-SU-2024:12427-1
OPENSUSE-SU-2024:12428-1
RHSA-2022:8491
RHSA-2022_8491
RHSA-2023:2248
RHSA-2023:2249
RHSA-2023:2805
RHSA-2023:2806
RHSA-2023_2248
RHSA-2023_2249
RHSA-2023_2805
RHSA-2023_2806
ROSA-SA-2023-2092
SUSE-SU-2022:3840-1
SUSE-SU-2022:3841-1
SUSE-SU-2022:3850-1
SUSE-SU-2022:3856-1
SUSE-SU-2022:3857-1
SUSE-SU-2022:3862-1
SUSE-SU-2022:3863-1
SUSE-SU-2022:3941-1
SUSE-SU-2022_3840-1
SUSE-SU-2022_3841-1
SUSE-SU-2022_3850-1
SUSE-SU-2022_3856-1
SUSE-SU-2022_3857-1
SUSE-SU-2022_3862-1
SUSE-SU-2022_3863-1
USN-5740-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Red Hat
Red Os
Suse
Ubuntu
X.Org Server