High severity8.8NVD Advisory· Published Dec 14, 2022· Updated Jun 17, 2026
CVE-2022-46343
CVE-2022-46343
Description
A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
58- osv-coords56 versionspkg:rpm/almalinux/tigervncpkg:rpm/almalinux/tigervnc-iconspkg:rpm/almalinux/tigervnc-licensepkg:rpm/almalinux/tigervnc-selinuxpkg:rpm/almalinux/tigervnc-serverpkg:rpm/almalinux/tigervnc-server-minimalpkg:rpm/almalinux/tigervnc-server-modulepkg:rpm/almalinux/xorg-x11-server-commonpkg:rpm/almalinux/xorg-x11-server-develpkg:rpm/almalinux/xorg-x11-server-sourcepkg:rpm/almalinux/xorg-x11-server-Xdmxpkg:rpm/almalinux/xorg-x11-server-Xephyrpkg:rpm/almalinux/xorg-x11-server-Xnestpkg:rpm/almalinux/xorg-x11-server-Xorgpkg:rpm/almalinux/xorg-x11-server-Xvfbpkg:rpm/almalinux/xorg-x11-server-Xwaylandpkg:rpm/opensuse/xorg-x11-server&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/xorg-x11-server&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/xorg-x11-server&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/xwayland&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/xwayland&distro=openSUSE%20Tumbleweedpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP3pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP4pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCLpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-BCLpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP3pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP4pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Manager%20Proxy%204.1pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.1pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Manager%20Server%204.1pkg:rpm/suse/xorg-x11-server&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/xorg-x11-server&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/xwayland&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP4
< 1.12.0-13.el9_2+ 55 more
- (no CPE)range: < 1.12.0-13.el9_2
- (no CPE)range: < 1.12.0-13.el9_2
- (no CPE)range: < 1.12.0-13.el9_2
- (no CPE)range: < 1.12.0-13.el9_2
- (no CPE)range: < 1.12.0-13.el9_2
- (no CPE)range: < 1.12.0-13.el9_2
- (no CPE)range: < 1.12.0-13.el9_2
- (no CPE)range: < 1.20.11-17.el9
- (no CPE)range: < 1.20.11-17.el9
- (no CPE)range: < 1.20.11-17.el9
- (no CPE)range: < 1.20.11-17.el9
- (no CPE)range: < 1.20.11-17.el9
- (no CPE)range: < 1.20.11-17.el9
- (no CPE)range: < 1.20.11-17.el9
- (no CPE)range: < 1.20.11-17.el9
- (no CPE)range: < 21.1.3-7.el9
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.20.3-150400.38.13.1
- (no CPE)range: < 21.1.4-6.1
- (no CPE)range: < 21.1.4-150400.3.6.1
- (no CPE)range: < 22.1.5-2.1
- (no CPE)range: < 1.20.3-150100.14.5.33.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.20.3-150100.14.5.33.1
- (no CPE)range: < 1.20.3-150100.14.5.33.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.19.6-150000.8.47.1
- (no CPE)range: < 1.19.6-150000.8.47.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.20.3-150400.38.13.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.20.3-150400.38.13.1
- (no CPE)range: < 7.6_1.18.3-76.57.1
- (no CPE)range: < 7.6_1.18.3-76.57.1
- (no CPE)range: < 1.19.6-4.39.1
- (no CPE)range: < 1.19.6-10.40.1
- (no CPE)range: < 1.20.3-150100.14.5.33.1
- (no CPE)range: < 1.20.3-150100.14.5.33.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.19.6-150000.8.47.1
- (no CPE)range: < 1.19.6-4.39.1
- (no CPE)range: < 1.19.6-10.40.1
- (no CPE)range: < 1.19.6-150000.8.47.1
- (no CPE)range: < 1.20.3-150100.14.5.33.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.19.6-10.40.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.20.3-150200.22.5.63.1
- (no CPE)range: < 1.19.6-4.39.1
- (no CPE)range: < 1.19.6-4.39.1
- (no CPE)range: < 21.1.4-150400.3.6.1
Patches
Vulnerability mechanics
References
7- access.redhat.com/security/cve/CVE-2022-46343nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/nvdMailing ListThird Party Advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/nvdMailing ListThird Party Advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/nvdMailing ListThird Party Advisory
- www.debian.org/security/2022/dsa-5304nvdThird Party Advisory
- security.gentoo.org/glsa/202305-30nvd
News mentions
0No linked articles in our index yet.