PT-2022-7136 · X.Org+9 · X.Org+9

Jan-Niklas Sohn

·

Published

2022-11-21

·

Updated

2024-10-08

·

CVE-2022-46341

CVSS v2.0

9.0

High

VectorAV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions X.Org (affected versions not specified)
Description A security flaw in X.Org occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. The vulnerability is related to the ProcXIPassiveUngrabDevice function and is associated with a buffer overflow, allowing a remote attacker to access confidential data, compromise their integrity, and cause a denial of service.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Memory Corruption

Weakness Enumeration

CWE-787

Related Identifiers

ALSA-2023:2248
ALSA-2023:2249
ALSA-2023:2257
ALSA-2023:2805
ALSA-2023:2806
ALSA-2023:2830
ALT-PU-2022-3399
ALT-PU-2023-7278
ALT-PU-2024-3261
AZL-44433
BDU:2023-07836
CESA-2023_0045
CESA-2023_0046
CESA-2023_2805
CESA-2023_2806
CESA-2023_2830
CVE-2022-46341
DLA-3256-1
DSA-5304-1
MGASA-2023-0012
OESA-2022-2163
OPENSUSE-SU-2022_4479-1
OPENSUSE-SU-2022_4480-1
OPENSUSE-SU-2022_4487-1
OPENSUSE-SU-2024:12569-1
OPENSUSE-SU-2024:12570-1
RHSA-2023:0045
RHSA-2023:0046
RHSA-2023:2248
RHSA-2023:2249
RHSA-2023:2257
RHSA-2023:2805
RHSA-2023:2806
RHSA-2023:2830
RHSA-2023_0045
RHSA-2023_0046
RHSA-2023_2248
RHSA-2023_2249
RHSA-2023_2257
RHSA-2023_2805
RHSA-2023_2806
RHSA-2023_2830
RHSA-2025:12751
ROSA-SA-2023-2092
ROSA-SA-2023-2095
SUSE-SU-2022:4479-1
SUSE-SU-2022:4480-1
SUSE-SU-2022:4481-1
SUSE-SU-2022:4482-1
SUSE-SU-2022:4483-1
SUSE-SU-2022:4484-1
SUSE-SU-2022:4485-1
SUSE-SU-2022:4487-1
USN-5778-1
USN-5778-2
ZDI-22-1696

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Red Hat
Red Os
Suse
Ubuntu
X.Org