CVE-2022-46342

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions X.Org (affected versions not specified)

Description A security issue was found in X.Org due to the handler for the XvdiSelectVideoNotify request writing to memory after it has been freed. This can lead to local privileges elevation on systems where the X server is running. The issue may also allow a remote attacker to access confidential data, compromise its integrity, and cause a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2023:2248

ALSA-2023:2249

ALSA-2023:2257

ALSA-2023:2805

ALSA-2023:2806

ALSA-2023:2830

ALT-PU-2022-3399

ALT-PU-2023-7278

ALT-PU-2024-3261

AZL-44661

BDU:2023-07837

CESA-2023_0045

CESA-2023_0046

CESA-2023_2805

CESA-2023_2806

CESA-2023_2830

CVE-2022-46342

DLA-3256-1

DSA-5304-1

MGASA-2023-0012

OESA-2022-2163

OPENSUSE-SU-2022_4479-1

OPENSUSE-SU-2022_4480-1

OPENSUSE-SU-2022_4487-1

OPENSUSE-SU-2024:12569-1

OPENSUSE-SU-2024:12570-1

RHSA-2023:0045

RHSA-2023:0046

RHSA-2023:2248

RHSA-2023:2249

RHSA-2023:2257

RHSA-2023:2805

RHSA-2023:2806

RHSA-2023:2830

RHSA-2023_0045

RHSA-2023_0046

RHSA-2023_2248

RHSA-2023_2249

RHSA-2023_2257

RHSA-2023_2805

RHSA-2023_2806

RHSA-2023_2830

RHSA-2025:12751

ROSA-SA-2023-2092

ROSA-SA-2023-2095

SUSE-SU-2022:4479-1

SUSE-SU-2022:4480-1

SUSE-SU-2022:4481-1

SUSE-SU-2022:4482-1

SUSE-SU-2022:4483-1

SUSE-SU-2022:4484-1

SUSE-SU-2022:4485-1

SUSE-SU-2022:4487-1

USN-5778-1

USN-5778-2

ZDI-22-1697

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Linuxmint

Red Hat

Red Os

Suse

Ubuntu

X.Org

CVE-2022-46342

Weakness Enumeration

Related Identifiers

Affected Products

References · 125