Remote Code Execution (RCE)

🗓️ 23 Dec 2022 11:42:15Reported by Veracode Vulnerability DatabaseType

veracode🔗 sca.analysiscenter.veracode.com👁 21 Views

X.Org vulnerable to Remote Code Execution (RCE) via `XkbCopyNames` functio

Reporter	Title	Published	Views	Family All 240
FreeBSD	xorg-server -- Multiple security issues in X server extensions	14 Dec 202200:00	–	freebsd
Tenable Nessus	Amazon Linux 2023 : xorg-x11-server-common, xorg-x11-server-devel, xorg-x11-server-source (ALAS2023-2023-102)	21 Mar 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : xorg-x11-server (ALAS-2023-1982)	7 Mar 202300:00	–	nessus
Tenable Nessus	Amazon Linux AMI : xorg-x11-server (ALAS-2023-1689)	23 Feb 202300:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0062: xorg-x11-server (ALINUX3-SA-2023:0062)	14 May 202500:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0063: tigervnc (ALINUX3-SA-2023:0063)	14 May 202500:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0044: xorg-x11-server-Xwayland (ALINUX3-SA-2024:0044)	14 May 202500:00	–	nessus
Tenable Nessus	AlmaLinux 9 : xorg-x11-server (ALSA-2023:2248)	14 May 202300:00	–	nessus
Tenable Nessus	AlmaLinux 9 : xorg-x11-server-Xwayland (ALSA-2023:2249)	14 May 202300:00	–	nessus
Tenable Nessus	AlmaLinux 9 : tigervnc (ALSA-2023:2257)	14 May 202300:00	–	nessus

Vulners

Node

x.org xorg-serverMatch21.1.4-r1os

AND

alpinelinux alpine_linuxMatch3.17

x.org xorg-serverMatch1.20.8-r0os

AND

x.org xorg-serverMatch1.20.7-r0os

AND

x.org xorg-serverMatch1.20.8-r2os

AND

x.org xorg-serverMatch1.20.13-r0os

AND

x.org xorg-serverMatch21.1.4-r0os

AND

x.org xorg-serverMatch1.20.11-r0os

AND

x.org xorg-serverMatch21.1.3-r1os

AND

x.org xorg-serverMatch21.1.3-r0os

AND

x.org xorg-serverMatch1.20.10-r3os

AND

x.org xorg-serverMatch1.20.12-r0os

AND

x.org xorg-serverMatch1.20.8-r1os

AND

x.org xorg-serverMatch1.20.10-r4os

AND

x.org xorg-serverMatch21.1.4-r1os

AND

x.org xorg-serverMatch1.20.10-r5os

AND

alpinelinux alpine_linuxMatchedge

x.org xwaylandMatch22.1.5-r0os

AND

x.org xwaylandMatch22.1.4-r1os

AND

alpinelinux alpine_linuxMatch3.17

x.org xwaylandMatch22.1.5-r0os

AND

x.org xwaylandMatch22.1.2-r0os

AND

x.org xwaylandMatch21.1.2-r0os

AND

x.org xwaylandMatch22.1.1-r0os

AND

x.org xwaylandMatch22.1.0-r0os

AND

x.org xwaylandMatch22.1.4-r0os

AND

x.org xwaylandMatch21.1.1-r1os

AND

x.org xwaylandMatch22.1.4-r1os

AND

x.org xwaylandMatch21.1.4-r0os

AND

x.org xwaylandMatch21.1.1-r2os

AND

x.org xwaylandMatch21.1.0-r1os

AND

x.org xwaylandMatch21.1.2-r1os

AND

x.org xwaylandMatch22.1.3-r1os

AND

x.org xwaylandMatch22.1.3-r0os

AND

x.org xwaylandMatch21.1.1-r0os

AND

x.org xwaylandMatch21.1.0-r4os

AND

x.org xwaylandMatch21.1.0-r3os

AND

alpinelinux alpine_linuxMatchedge

devel develMatch2:1.20.9-2ubuntu1debian

AND

devel develMatch2:1.20.10-3ubuntu3debian

AND

devel develMatch2:1.20.8-2ubuntu6debian

AND

devel develMatch2:1.20.8-2ubuntu4debian

AND

debian debian_linux

x.org xwaylandMatch2:1.20.8-2debian

AND

x.org xwaylandMatch2:1.20.11-1debian

AND

debian debian_linuxMatch999

x.org xwaylandMatch2:1.20.11-1debian

AND

debian debian_linuxMatch12

xorg-x11-server xorg-x11-serverMatch1.17.4_16.el6

xorg-x11-server xorg-x11-serverMatch1.19.5_5.1.el7_5

xorg-x11-server xorg-x11-serverMatch1.10.4_6.el6_2.1

xorg-x11-server xorg-x11-serverMatch1.13.0_23.1.el6_5

xorg-x11-server xorg-x11-serverMatch1.17.4_9.el6

xorg-x11-server xorg-x11-serverMatch1.10.4_6.el6

xorg-x11-server xorg-x11-serverMatch1.15.0_26.el6_6

xorg-x11-server xorg-x11-serverMatch1.17.4_18.el6_10

xorg-x11-server xorg-x11-serverMatch1.7.7_29.el6

xorg-x11-server xorg-x11-serverMatch1.17.4_17.el6

xorg-x11-server xorg-x11-serverMatch1.7.7_26.el6

xorg-x11-server xorg-x11-serverMatch1.7.7_29.el6_1.2

xorg-x11-server xorg-x11-serverMatch1.17.4_9.5.el6_8

xorg-x11-server xorg-x11-serverMatch1.13.0_23.el6

xorg-x11-server xorg-x11-serverMatch1.15.0_25.1.el6_6

xorg-x11-server xorg-x11-serverMatch1.17.4_16.el6_9.1

xorg-x11-server xorg-x11-serverMatch1.10.6_1.el6

xorg-x11-server xorg-x11-serverMatch1.15.0_33.ael7b_1

xorg-x11-server xorg-x11-serverMatch1.7.7_26.el6_0.3

xorg-x11-server xorg-x11-serverMatch1.13.0_11.1.el6_4.1

xorg-x11-server xorg-x11-serverMatch1.13.0_11.1.el6_4.2

xorg-x11-server xorg-x11-serverMatch1.15.0_22.el6

xorg-x11-server xorg-x11-serverMatch1.15.0_25.el6_6

xorg-x11-server xorg-x11-serverMatch1.15.0_36.el6

xorg-x11-server xorg-x11-serverMatch1.10.4_6.el6_2.3

xorg-x11-server xorg-x11-serverMatch1.13.0_11.el6

tigervnc tigervncMatch1.8.0_13.el7

tigervnc tigervncMatch1.1.0_16.el6

tigervnc tigervncMatch1.9.0_9.el8

tigervnc tigervncMatch1.0.90_0.10.20100115svn3945.el6

tigervnc tigervncMatch1.1.0_8.el6_5

tigervnc tigervncMatch1.8.0_19.el7

tigervnc tigervncMatch1.8.0_22.el7

tigervnc tigervncMatch1.8.0_17.el7

tigervnc tigervncMatch1.0.90_0.17.20110314svn4359.el6

tigervnc tigervncMatch1.8.0_21.el7

tigervnc tigervncMatch1.1.0_5.el6_4.1

tigervnc tigervncMatch1.0.90_0.15.20110314svn4359.el6

tigervnc tigervncMatch1.1.0_18.el6

tigervnc tigervncMatch1.1.0_5.el6

tigervnc tigervncMatch1.1.0_24.el6

tigervnc tigervncMatch1.0.90_0.15.20110314svn4359.el6_1.1

xorg-x11-server-xwayland xorg-x11-server-xwaylandMatch1.20.3_5.el8

xorg-x11-server-xwayland xorg-x11-server-xwaylandMatch1.20.3_5.2.el8_0

Source	Link
secdb	www.secdb.alpinelinux.org/v3.17/community.yaml
secdb	www.secdb.alpinelinux.org/edge/community.yaml
debian	www.debian.org/security/2022/dsa-5304
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/
access	www.access.redhat.com/errata/RHSA-2023:0045
access	www.access.redhat.com/errata/RHSA-2023:0046
access	www.access.redhat.com/security/cve/CVE-2022-4283
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

14 Apr 2025 21:28Current

8.7High risk

Vulners AI Score8.7

CVSS 3.17.8

EPSS0.002

SSVC