CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-4283

A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 41.3%

CVSS Severity

CVSS v3 Score 7.8

References

Products affected by CVE-2022-4283

X.org » Xorg-Server » Version: 1.20.4

cpe:2.3:a:x.org:xorg-server:1.20.4
Debian » Debian Linux » Version: 11.0

cpe:2.3:o:debian:debian_linux:11.0
Fedoraproject » Fedora » Version: 36

cpe:2.3:o:fedoraproject:fedora:36
Fedoraproject » Fedora » Version: 37

cpe:2.3:o:fedoraproject:fedora:37
Redhat » Enterprise Linux » Version: 6.0

cpe:2.3:o:redhat:enterprise_linux:6.0
Redhat » Enterprise Linux » Version: 7.0

cpe:2.3:o:redhat:enterprise_linux:7.0
Redhat » Enterprise Linux » Version: 8.0

cpe:2.3:o:redhat:enterprise_linux:8.0
Redhat » Enterprise Linux » Version: 9.0

cpe:2.3:o:redhat:enterprise_linux:9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-4283

Products

Pricing

Contact Us