Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2022-3551

Опубликовано: 17 окт. 2022
Источник: redhat
CVSS3: 6.5
EPSS Низкий

Описание

A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by this issue is the function ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211052.

A flaw was found in the xorg-x11-server package. The ProcXkbGetKbdByName function in xkb/xkb.c does not release allocated data when an error is encountered, allowing for a memory leak.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6xorg-x11-serverOut of support scope
Red Hat Enterprise Linux 7xorg-x11-serverFixedRHSA-2022:849116.11.2022
Red Hat Enterprise Linux 8xorg-x11-server-XwaylandFixedRHSA-2023:280516.05.2023
Red Hat Enterprise Linux 8xorg-x11-serverFixedRHSA-2023:280616.05.2023
Red Hat Enterprise Linux 9xorg-x11-serverFixedRHSA-2023:224809.05.2023
Red Hat Enterprise Linux 9xorg-x11-server-XwaylandFixedRHSA-2023:224909.05.2023

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-401
Дефект:
CWE-404
https://bugzilla.redhat.com/show_bug.cgi?id=2140701xorg-x11-server: memory leak in ProcXkbGetKbdByName() in xkb/xkb.c

EPSS

Процентиль: 55%
0.00332
Низкий

6.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2022-3551

CVSS3: 3.5
ubuntu
больше 2 лет назад

A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by this issue is the function ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211052.

nvd логотип

CVE-2022-3551

CVSS3: 3.5
nvd
больше 2 лет назад

A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by this issue is the function ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211052.

debian логотип

CVE-2022-3551

CVSS3: 3.5
debian
больше 2 лет назад

A vulnerability, which was classified as problematic, has been found i ...

github логотип

GHSA-3j3c-w82w-2cmg

CVSS3: 7.5
github
больше 2 лет назад

A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by this issue is the function ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211052.

fstec логотип

BDU:2023-07831

CVSS3: 6.5
fstec
почти 3 года назад

Уязвимость функции ProcXkbGetKbdByName компонента xkb/xkb.c реализации протокола Wayland для X.Org XWayland, реализации сервера X Window System X.Org Server, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 55%
0.00332
Низкий

6.5 Medium

CVSS3