From d3bb7acc1507dc9d4a2815f9ba626f57529f6ea5 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 12 Feb 2023 22:03:22 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2022/46xxx/CVE-2022-46344.json | 55 +++++++--------------------------- 1 file changed, 11 insertions(+), 44 deletions(-) diff --git a/2022/46xxx/CVE-2022-46344.json b/2022/46xxx/CVE-2022-46344.json index 138673eb74f..6347d7d8c85 100644 --- a/2022/46xxx/CVE-2022-46344.json +++ b/2022/46xxx/CVE-2022-46344.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability was found in X.Org. The issue occurs because the handler for the XIChangeProperty request has a length-validation issue, resulting in out-of-bounds memory reads and potential information disclosure. This flaw can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions." + "value": "A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIChangeProperty request has a length-validation issues, resulting in out-of-bounds memory reads and potential information disclosure. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions." } ] }, @@ -21,8 +21,7 @@ "description": [ { "lang": "eng", - "value": "Out-of-bounds Read", - "cweId": "CWE-125" + "value": "out-of-bounds access" } ] } @@ -32,20 +31,16 @@ "vendor": { "vendor_data": [ { - "vendor_name": "Red Hat", + "vendor_name": "n/a", "product": { "product_data": [ { - "product_name": "Red Hat Enterprise Linux 7", + "product_name": "xorg-x11-server", "version": { "version_data": [ { - "version_value": "0:1.8.0-23.el7_9", - "version_affected": "!" - }, - { - "version_value": "0:1.20.4-21.el7_9", - "version_affected": "!" + "version_affected": "=", + "version_value": "xorg-x11-server-1.20.4" } ] } @@ -63,6 +58,11 @@ "refsource": "MISC", "name": "https://access.redhat.com/security/cve/CVE-2022-46344" }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151760", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2151760" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/", "refsource": "MISC", @@ -82,39 +82,6 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/" - }, - { - "url": "https://access.redhat.com/errata/RHSA-2023:0045", - "refsource": "MISC", - "name": "https://access.redhat.com/errata/RHSA-2023:0045" - }, - { - "url": "https://access.redhat.com/errata/RHSA-2023:0046", - "refsource": "MISC", - "name": "https://access.redhat.com/errata/RHSA-2023:0046" - }, - { - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151760", - "refsource": "MISC", - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2151760" - } - ] - }, - "impact": { - "cvss": [ - { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", - "version": "3.1" } ] }