High severity8.8NVD Advisory· Published Dec 14, 2022· Updated Jun 17, 2026
CVE-2022-46340
CVE-2022-46340
Description
A vulnerability was found in X.Org. This security flaw occurs becuase the swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths larger than 32 bytes are sent through a the XTestFakeInput request. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. This issue does not affect systems where client and server use the same byte order.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
66- osv-coords65 versionspkg:rpm/almalinux/tigervncpkg:rpm/almalinux/tigervnc-iconspkg:rpm/almalinux/tigervnc-licensepkg:rpm/almalinux/tigervnc-selinuxpkg:rpm/almalinux/tigervnc-serverpkg:rpm/almalinux/tigervnc-server-minimalpkg:rpm/almalinux/tigervnc-server-modulepkg:rpm/almalinux/xorg-x11-server-commonpkg:rpm/almalinux/xorg-x11-server-develpkg:rpm/almalinux/xorg-x11-server-sourcepkg:rpm/almalinux/xorg-x11-server-Xdmxpkg:rpm/almalinux/xorg-x11-server-Xephyrpkg:rpm/almalinux/xorg-x11-server-Xnestpkg:rpm/almalinux/xorg-x11-server-Xorgpkg:rpm/almalinux/xorg-x11-server-Xvfbpkg:rpm/almalinux/xorg-x11-server-Xwaylandpkg:rpm/opensuse/xorg-x11-server&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/xorg-x11-server&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/xorg-x11-server&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/xwayland&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/xwayland&distro=openSUSE%20Tumbleweedpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP3pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP4pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-ESPOSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCLpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-BCLpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP3pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP4pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Manager%20Proxy%204.1pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Manager%20Proxy%204.2pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.1pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Manager%20Server%204.1pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Manager%20Server%204.2pkg:rpm/suse/xorg-x11-server&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/xorg-x11-server&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/xwayland&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP4
< 1.12.0-13.el9_2+ 64 more
- (no CPE)range: < 1.12.0-13.el9_2
- (no CPE)range: < 1.12.0-13.el9_2
- (no CPE)range: < 1.12.0-13.el9_2
- (no CPE)range: < 1.12.0-13.el9_2
- (no CPE)range: < 1.12.0-13.el9_2
- (no CPE)range: < 1.12.0-13.el9_2
- (no CPE)range: < 1.12.0-13.el9_2
- (no CPE)range: < 1.20.11-17.el9
- (no CPE)range: < 1.20.11-17.el9
- (no CPE)range: < 1.20.11-17.el9
- (no CPE)range: < 1.20.11-17.el9
- (no CPE)range: < 1.20.11-17.el9
- (no CPE)range: < 1.20.11-17.el9
- (no CPE)range: < 1.20.11-17.el9
- (no CPE)range: < 1.20.11-17.el9
- (no CPE)range: < 21.1.3-7.el9
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.20.3-150400.38.13.1
- (no CPE)range: < 21.1.4-6.1
- (no CPE)range: < 21.1.4-150400.3.6.1
- (no CPE)range: < 22.1.5-2.1
- (no CPE)range: < 1.20.3-150100.14.5.33.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.20.3-150200.22.5.69.1
- (no CPE)range: < 1.20.3-150100.14.5.33.1
- (no CPE)range: < 1.20.3-150100.14.5.33.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.20.3-150200.22.5.69.1
- (no CPE)range: < 1.20.3-150200.22.5.69.1
- (no CPE)range: < 1.19.6-150000.8.47.1
- (no CPE)range: < 1.19.6-150000.8.47.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.20.3-150400.38.13.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.20.3-150400.38.13.1
- (no CPE)range: < 1.20.3-150200.22.5.69.1
- (no CPE)range: < 7.6_1.18.3-76.57.1
- (no CPE)range: < 7.6_1.18.3-76.57.1
- (no CPE)range: < 1.19.6-4.45.1
- (no CPE)range: < 1.19.6-4.39.1
- (no CPE)range: < 1.19.6-10.40.1
- (no CPE)range: < 1.20.3-150100.14.5.33.1
- (no CPE)range: < 1.20.3-150100.14.5.33.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.20.3-150200.22.5.69.1
- (no CPE)range: < 1.19.6-150000.8.47.1
- (no CPE)range: < 1.19.6-4.39.1
- (no CPE)range: < 1.19.6-10.40.1
- (no CPE)range: < 1.19.6-150000.8.47.1
- (no CPE)range: < 1.20.3-150100.14.5.33.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.20.3-150200.22.5.69.1
- (no CPE)range: < 1.19.6-10.40.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.20.3-150200.22.5.69.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.20.3-150200.22.5.69.1
- (no CPE)range: < 1.19.6-4.39.1
- (no CPE)range: < 1.19.6-4.39.1
- (no CPE)range: < 21.1.4-150400.3.6.1
Patches
Vulnerability mechanics
References
8- access.redhat.com/security/cve/CVE-2022-46340nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/nvdMailing ListThird Party Advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/nvdMailing ListThird Party Advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWTH3SNJ3GKYDSN7I3QDGWYEPSMWU6EP/nvdMailing ListThird Party Advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/nvdMailing ListThird Party Advisory
- www.debian.org/security/2022/dsa-5304nvdThird Party Advisory
- security.gentoo.org/glsa/202305-30nvd
News mentions
0No linked articles in our index yet.