Advisory ROSA-SA-2023-2092
ROSA LAB, abf.rosalinux.ru
Published: Feb 02, 2023, 09:29:40
Tags: rosasa2092, xorg-x11-server, security fixes, local privilege escalation

CVSS3: 8.8 High
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

EPSS: 0.028 (Low), percentile 90.7%

Software: xorg-x11-server 1.20.4
OS: rosa-server79

package_evr_string: xorg-x11-server-common-1.20.4-16.

CVE-ID: CVE-2022-4283
BDU-ID: None
CVE-Crit: HIGH
CVE-DESC: A vulnerability has been discovered in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory accesses on subsequent XkbGetKbdByName requests. This issue can lead to local privilege escalation on systems where the X server runs privileged, and to remote code execution for ssh X forwarding sessions.
CVE-STATUS: Fixed
CVE-REV: To fix, run the yum update command.

CVE-ID: CVE-2022-46340
BDU-ID: None
CVE-Crit: HIGH
CVE-DESC: A vulnerability has been discovered in X.Org. This security flaw occurs because the byte-swap handler for the XTest extension's XTestFakeInput request can corrupt the stack if GenericEvents with lengths greater than 32 bytes are sent via an XTestFakeInput request. This issue can lead to local privilege escalation on systems where the X server runs privileged, and to remote code execution for ssh X forwarding sessions. This issue does not affect systems where the client and server use the same byte order.
CVE-STATUS: Fixed
CVE-REV: To fix, run the yum update command.

CVE-ID: CVE-2022-46341
BDU-ID: None
CVE-Crit: HIGH
CVE-DESC: A vulnerability has been discovered in X.Org. This security flaw occurs because the XIPassiveUngrab request handler accesses out-of-bounds memory when called with a high keycode or button code. This issue can lead to local privilege escalation on systems where the X server runs privileged, and to remote code execution for ssh X forwarding sessions.
CVE-STATUS: Fixed
CVE-REV: To fix, run the yum update command.

CVE-ID: CVE-2022-46342
BDU-ID: None
CVE-Crit: HIGH
CVE-DESC: A vulnerability has been discovered in X.Org. This security flaw occurs because the XvdiSelectVideoNotify request handler can write to memory after it has been freed. This issue can lead to local privilege escalation on systems where the X server runs privileged, and to remote code execution for ssh X forwarding sessions.
CVE-STATUS: Fixed
CVE-REV: To fix, run the yum update command.

CVE-ID: CVE-2022-46343
BDU-ID: None
CVE-Crit: HIGH
CVE-DESC: A vulnerability has been discovered in X.Org. This security flaw occurs because the ScreenSaverSetAttributes request handler can write to memory after it has been freed. This issue can lead to local privilege escalation on systems where the X server runs privileged, and to remote code execution for ssh X forwarding sessions.
CVE-STATUS: Fixed
CVE-REV: To fix, run the yum update command.

CVE-ID: CVE-2022-46344
BDU-ID: None
CVE-Crit: HIGH
CVE-DESC: A vulnerability has been discovered in X.Org. This security flaw occurs because the XIChangeProperty request handler has a length-validation issue, resulting in out-of-bounds memory reads and potential information disclosure. This issue can lead to local privilege escalation on systems where the X server runs privileged, and to remote code execution for ssh X forwarding sessions.
CVE-STATUS: Fixed
CVE-REV: To fix, run the yum update command.

CVE-ID: CVE-2022-3550
BDU-ID: None
CVE-Crit: HIGH
CVE-DESC: A vulnerability classified as critical has been discovered in X.org Server. The _GetCountedString function in the file xkb/xkb.c is affected by this vulnerability. The manipulation leads to a buffer overflow.
CVE-STATUS: Fixed
CVE-REV: To fix, run the yum update command.

CVE-ID: CVE-2022-3551
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC: A vulnerability classified as problematic has been discovered in X.org Server. The issue affects the ProcXkbGetKbdByName function in the file xkb/xkb.c. The manipulation leads to a memory leak.
CVE-STATUS: Fixed
CVE-REV: To fix, run the yum update command.
