Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

SUSE: 2022:4483-1 Important: Xorg-X11-Server Critical Access Issues

suse
Calendar Grey December 14, 2022
Dist Suse Esm H88
An important SUSE update addresses critical issues in xorg-x11-server with detailed installation instructions.
An update that solves 6 vulnerabilities and has one errata is now available

Summary

This update for xorg-x11-server fixes the following issues: - CVE-2022-46340: Server XTestSwapFakeInput stack overflow (bsc#1205874) - CVE-2022-46341: Server XIPassiveUngrabDevice out-of-bounds access (bsc#1205877) - CVE-2022-46342: Server XvdiSelectVideoNotify use-after-free (bsc#1205879) - CVE-2022-46343: Server ScreenSaverSetAttributes use-after-free (bsc#1205878) - CVE-2022-46344: Server XIChangeProperty out-of-bounds access (bsc#1205876) - CVE-2022-4283: Reset the radio_groups pointer to NULL after freeing it (bsc#1206017) - Xi: return an error from XI property changes if verification failed (bsc#1205875) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Topics%20covered

Topics Covered

security advisory buffer overflow critical access violation SUSE Linux Enterprise Server Xorg-X11

References

#1205874 #1205875 #1205876 #1205877 #1205878

#1205879 #1206017

Cross- CVE-2022-4283 CVE-2022-46340 CVE-2022-46341

CVE-2022-46342 CVE-2022-46343 CVE-2022-46344

CVSS scores:

CVE-2022-4283 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-46340 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

CVE-2022-46341 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

CVE-2022-46342 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

CVE-2022-46343 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

CVE-2022-46344 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Affected Products:

SUSE Linux Enterprise Server 12-SP5

SUSE Linux Enterprise Server for SAP Applications 12-SP5

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2022:4483-1
Rating: important

Topics%20covered

Topics Covered

security advisory buffer overflow critical access violation SUSE Linux Enterprise Server Xorg-X11

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here