PT-2022-7135 · X.Org+9 · X.Org Server+9

Jan-Niklas Sohn

·

Published

2022-11-21

·

Updated

2024-10-08

·

CVE-2022-46340

CVSS v2.0

9.0

High

VectorAV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions X.Org Server (affected versions not specified)
Description The issue is related to a buffer overflow in the XTestSwapFakeInput function of the X.Org Server, which can be exploited by a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. The vulnerability occurs because the swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths larger than 32 bytes are sent through the XTestFakeInput request. This can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. However, it does not affect systems where the client and server use the same byte order.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Memory Corruption

Weakness Enumeration

CWE-787

Related Identifiers

ALSA-2023:2248
ALSA-2023:2249
ALSA-2023:2257
ALSA-2023:2805
ALSA-2023:2806
ALSA-2023:2830
ALT-PU-2022-3399
ALT-PU-2023-7278
ALT-PU-2024-3261
AZL-44697
BDU:2023-07835
CESA-2023_0045
CESA-2023_0046
CESA-2023_2805
CESA-2023_2806
CESA-2023_2830
CVE-2022-46340
DLA-3256-1
DSA-5304-1
MGASA-2023-0012
OESA-2022-2163
OPENSUSE-SU-2022_4479-1
OPENSUSE-SU-2022_4480-1
OPENSUSE-SU-2022_4487-1
OPENSUSE-SU-2024:12569-1
OPENSUSE-SU-2024:12570-1
RHSA-2023:0045
RHSA-2023:0046
RHSA-2023:2248
RHSA-2023:2249
RHSA-2023:2257
RHSA-2023:2805
RHSA-2023:2806
RHSA-2023:2830
RHSA-2023_0045
RHSA-2023_0046
RHSA-2023_2248
RHSA-2023_2249
RHSA-2023_2257
RHSA-2023_2805
RHSA-2023_2806
RHSA-2023_2830
RHSA-2025:12751
ROSA-SA-2023-2092
ROSA-SA-2023-2095
SUSE-SU-2022:4479-1
SUSE-SU-2022:4480-1
SUSE-SU-2022:4481-1
SUSE-SU-2022:4482-1
SUSE-SU-2022:4483-1
SUSE-SU-2022:4484-1
SUSE-SU-2022:4485-1
SUSE-SU-2022:4487-1
SUSE-SU-2023:0653-1
SUSE-SU-2023:0654-1
SUSE-SU-2023:0655-1
SUSE-SU-2023:0656-1
SUSE-SU-2023:0657-1
SUSE-SU-2023:0683-1
SUSE-SU-2023:0731-1
SUSE-SU-2023_0653-1
SUSE-SU-2023_0655-1
SUSE-SU-2023_0656-1
SUSE-SU-2023_0657-1
SUSE-SU-2023_0683-1
SUSE-SU-2023_0731-1
USN-5778-1
USN-5778-2
ZDI-22-1695

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Red Hat
Red Os
Suse
Ubuntu
X.Org Server