VDB
DEBIAN-CVE-2022-46343
DEBIAN-CVE-2022-46343
PUBLISHED
CVSS 8.800000190734863 HIGH
A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.
Risk Scores
CVSS 3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:13 | xorg-server | 0, 0, 0 |
| Debian:12 | xwayland | 0, 0, 0 |
| Debian:14 | xorg-server | 0, 0, 0 |
| Debian:14 | xwayland | 0, 0, 0 |
| Debian:12 | xorg-server | 0, 0, 0 |
| Debian:13 | xwayland | 0, 0, 0 |
| Debian:11 | xorg-server | 2:1.20.11-1+deb11u3, *, * |
Timeline
- Dec 14, 2022 CVE Published
- Apr 28, 2026 CVE Updated