Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-46343

Опубликовано: 14 дек. 2022
Источник: nvd
CVSS3: 8.8
EPSS Низкий

Описание

A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:x.org:x_server:1.20.4:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

EPSS

Процентиль: 76%
0.00994
Низкий

8.8 High

CVSS3

Дефекты

CWE-416
CWE-416

Связанные уязвимости

ubuntu логотип

CVE-2022-46343

CVSS3: 8.8
ubuntu
больше 2 лет назад

A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.

redhat логотип

CVE-2022-46343

CVSS3: 8.8
redhat
больше 2 лет назад

A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.

debian логотип

CVE-2022-46343

CVSS3: 8.8
debian
больше 2 лет назад

A vulnerability was found in X.Org. This security flaw occurs because ...

github логотип

GHSA-cfjv-73gp-92j6

CVSS3: 8.8
github
больше 2 лет назад

A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.

fstec логотип

BDU:2023-07838

CVSS3: 8.8
fstec
больше 2 лет назад

Уязвимость функции ScreenSaverSetAttributes реализации сервера X Window System X.Org Server, реализации протокола Wayland для X.Org XWayland, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

EPSS

Процентиль: 76%
0.00994
Низкий

8.8 High

CVSS3

Дефекты

CWE-416
CWE-416