Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2022-2320

A flaw was found in the Xorg-x11-server. The specific flaw exists within the handling of ProcXkbSetDeviceInfo requests. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. This flaw allows an attacker to escalate privileges and execute arbitrary code in the context of root.

Related bugs and status

CVE-2022-2320 (Candidate) is related to these bugs:

Bug #1990456: xorg reports bogus 1600x1024 resolution

		In	Importance	Status
1990456	xorg reports bogus 1600x1024 resolution	xorg-server (Ubuntu)	Undecided	Fix Released
1990456	xorg reports bogus 1600x1024 resolution	OEM Priority Project	Critical	Fix Committed
1990456	xorg reports bogus 1600x1024 resolution	xorg-server (Ubuntu Jammy)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://github.com/fre...
MISC: https://gitlab.freedes...
MISC: https://gitlab.freedes...
MISC: https://lists.freedesk...
MISC: https://www.zerodayini...
MISC: https://security.gento...
MISC: https://security.netap...