CVE-2022-46342
8.8
HIGH
CVSS 3.1
EPSS 0.13%
Description
A vulnerability was found in X.Org. This security flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This issue can lead to local privilege elevation on systems where the X se
How to fix CVE-2022-46342
To remediate CVE-2022-46342, upgrade the affected package to one of the fixed versions listed below.
- Debian/xorg-server—upgrade to 2:1.20.11-1+deb11u4 or later
- —upgrade to 2:22.1.6-1 or later
Is CVE-2022-46342 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 2:1.20.11-1+deb11u4
- from 0, < 2:22.1.6-1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH 8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |