Lucene search

K

Redhat.comRH:CVE-2022-46343

HistoryDec 14, 2022 - 5:05 a.m.

CVE-2022-46343

2022-12-1405:05:26

redhat.com

access.redhat.com

7

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.028 Low

EPSS

Percentile

90.7%

A vulnerability was found in X.Org. This issue occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This flaw can lead to local privileges elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.

References

bugzilla.redhat.com/show_bug.cgi?id=2151758

nvd.nist.gov/vuln/detail/CVE-2022-46343

www.cve.org/CVERecord?id=CVE-2022-46343

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.028 Low

EPSS

Percentile

90.7%

Related for RH:CVE-2022-46343