{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-46342", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "dateUpdated": "2024-08-03T14:31:46.114Z", "dateReserved": "2022-11-30T00:00:00", "datePublished": "2022-12-14T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2022-12-26T00:00:00"}, "descriptions": [{"lang": "en", "value": "A vulnerability was found in X.Org. This security flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X se"}], "affected": [{"vendor": "n/a", "product": "xorg-x11-server", "versions": [{"version": "xorg-x11-server-1.20.4", "status": "affected"}]}], "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151757"}, {"url": "https://access.redhat.com/security/cve/CVE-2022-46342"}, {"name": "FEDORA-2022-c3a65f7c65", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/"}, {"name": "FEDORA-2022-721a78b7e5", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/"}, {"name": "DSA-5304", "tags": ["vendor-advisory"], "url": "https://www.debian.org/security/2022/dsa-5304"}, {"name": "FEDORA-2022-dd3eb7e0a8", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/"}, {"url": "https://security.gentoo.org/glsa/202305-30"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "use-after-free"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T14:31:46.114Z"}, "title": "CVE Program Container", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151757", "tags": ["x_transferred"]}, {"url": "https://access.redhat.com/security/cve/CVE-2022-46342", "tags": ["x_transferred"]}, {"name": "FEDORA-2022-c3a65f7c65", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/"}, {"name": "FEDORA-2022-721a78b7e5", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/"}, {"name": "DSA-5304", "tags": ["vendor-advisory", "x_transferred"], "url": "https://www.debian.org/security/2022/dsa-5304"}, {"name": "FEDORA-2022-dd3eb7e0a8", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/"}, {"url": "https://security.gentoo.org/glsa/202305-30", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:x.org:x_server:1.20.4:*:*:*:*:*:*:*", "matchCriteriaId": "57310355-409C-49E8-ACA1-A26AD5ECA739", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was found in X.Org. This security flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X se"}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad en X.Org. Este fallo de seguridad se produce porque el controlador de la solicitud XvdiSelectVideoNotify puede escribir en la memoria una vez liberada. Este problema puede provocar una elevaci\u00f3n de privilegios locales en sistemas donde X se"}], "id": "CVE-2022-46342", "lastModified": "2023-05-30T06:15:55.030", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-12-14T21:15:13.487", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2022-46342"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151757"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/"}, {"source": "secalert@redhat.com", "url": "https://security.gentoo.org/glsa/202305-30"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2022/dsa-5304"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2023:0045", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "tigervnc-0:1.8.0-23.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2023-01-09T00:00:00Z"}, {"advisory": "RHSA-2023:0046", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "xorg-x11-server-0:1.20.4-21.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2023-01-09T00:00:00Z"}, {"advisory": "RHSA-2023:2805", "cpe": "cpe:/a:redhat:enterprise_linux:8", "impact": "moderate", "package": "xorg-x11-server-Xwayland-0:21.1.3-10.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-05-16T00:00:00Z"}, {"advisory": "RHSA-2023:2806", "cpe": "cpe:/a:redhat:enterprise_linux:8", "impact": "moderate", "package": "xorg-x11-server-0:1.20.11-15.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-05-16T00:00:00Z"}, {"advisory": "RHSA-2023:2830", "cpe": "cpe:/a:redhat:enterprise_linux:8", "impact": "moderate", "package": "tigervnc-0:1.12.0-15.el8_8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-05-16T00:00:00Z"}, {"advisory": "RHSA-2023:2248", "cpe": "cpe:/a:redhat:enterprise_linux:9", "impact": "moderate", "package": "xorg-x11-server-0:1.20.11-17.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-05-09T00:00:00Z"}, {"advisory": "RHSA-2023:2249", "cpe": "cpe:/a:redhat:enterprise_linux:9", "impact": "moderate", "package": "xorg-x11-server-Xwayland-0:21.1.3-7.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-05-09T00:00:00Z"}, {"advisory": "RHSA-2023:2257", "cpe": "cpe:/a:redhat:enterprise_linux:9", "impact": "moderate", "package": "tigervnc-0:1.12.0-13.el9_2", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-05-09T00:00:00Z"}], "bugzilla": {"description": "xorg-x11-server: XvdiSelectVideoNotify use-after-free", "id": "2151757", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151757"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-416", "details": ["A vulnerability was found in X.Org. This security flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X se", "A vulnerability was found in X.Org. This flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This flaw can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions."], "name": "CVE-2022-46342", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "tigervnc", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "xorg-x11-server", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2022-12-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-46342\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-46342"], "statement": "Xorg server does not run with root privileges in Red Hat Enterprise Linux 8 and 9, therefore Red Hat Enterprise Linux 8 and 9 have been rated with a Moderate severity.", "threat_severity": "Important"}