AZL-44346

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-44346.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-44346

Upstream

CVE-2022-46343

Published

2022-12-14T21:15:13Z

Modified

2026-04-01T05:15:34.614283Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

CVE-2022-46343 affecting package xorg-x11-server 1.20.10-6

Details

A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.

References

https://nvd.nist.gov/vuln/detail/CVE-2022-46343

Affected packages

Azure Linux:3 / xorg-x11-server

Package

Name: xorg-x11-server
Purl: pkg:rpm/azure-linux/xorg-x11-server

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

1.20.10-6

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-44346.json"