Lucene search

K
ubuntucveUbuntu.comUB:CVE-2022-46340
HistoryDec 14, 2022 - 12:00 a.m.

CVE-2022-46340

2022-12-1400:00:00
ubuntu.com
ubuntu.com
17
x.org
vulnerability
stack corruption
xtest extension
local privileges
remote code execution
ssh x forwarding

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.075

Percentile

94.3%

A vulnerability was found in X.Org. This security flaw occurs becuase the
swap handler for the XTestFakeInput request of the XTest extension may
corrupt the stack if GenericEvents with lengths larger than 32 bytes are
sent through a the XTestFakeInput request. This issue can lead to local
privileges elevation on systems where the X server is running privileged
and remote code execution for ssh X forwarding sessions. This issue does
not affect systems where client and server use the same byte order.

Notes

Author Note
mdeslaur xorg server is actually the xorg-server package the xorg package only contains docs xwayland package contains parts of xorg-server This is ZDI-CAN-19265
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchxorg-server< 2:1.19.6-1ubuntu4.13UNKNOWN
ubuntu20.04noarchxorg-server< 2:1.20.13-1ubuntu1~20.04.5UNKNOWN
ubuntu22.04noarchxorg-server< 2:21.1.3-2ubuntu2.5UNKNOWN
ubuntu22.10noarchxorg-server< 2:21.1.4-2ubuntu1.3UNKNOWN
ubuntu23.04noarchxorg-server< 2:21.1.5-1ubuntu1UNKNOWN
ubuntu14.04noarchxorg-server< 2:1.15.1-0ubuntu2.11+esm7UNKNOWN
ubuntu16.04noarchxorg-server< 2:1.18.4-0ubuntu0.12+esm5UNKNOWN
ubuntu16.04noarchxorg-server-hwe-16.04< 2:1.19.6-1ubuntu4.1~16.04.6+esm4UNKNOWN
ubuntu18.04noarchxorg-server-hwe-18.04< 2:1.20.8-2ubuntu2.2~18.04.9UNKNOWN
ubuntu22.04noarchxwayland< 2:22.1.1-1ubuntu0.4UNKNOWN
Rows per page:
1-10 of 121

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.075

Percentile

94.3%