RHSA-2023:2805MediumCVSS 8.8
Red Hat Security Advisory: xorg-x11-server-Xwayland security update
🔗 CVE IDs covered (9)
📋 Description
CVE-2022-3550 — xorg-x11-server: buffer overflow in _GetCountedString() in xkb/xkb.c CVE-2022-3551 — xorg-x11-server: memory leak in ProcXkbGetKbdByName() in xkb/xkb.c CVE-2022-4283 — xorg-x11-server: XkbGetKbdByName use-after-free CVE-2022-46340 — xorg-x11-server: XTestSwapFakeInput stack overflow CVE-2022-46341 — xorg-x11-server: XIPassiveUngrab out-of-bounds access CVE-2022-46342 — xorg-x11-server: XvdiSelectVideoNotify use-after-free CVE-2022-46343 — xorg-x11-server: ScreenSaverSetAttributes use-after-free CVE-2022-46344 — xorg-x11-server: XIChangeProperty out-of-bounds access CVE-2023-0494 — xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation
🔗 References (13)
- selfhttps://access.redhat.com/errata/RHSA-2023:2805
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2140698
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2140701
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2151755
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2151756
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2151757
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2151758
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2151760
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2151761
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2165995
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_2805.json