Hide Forgot
CVE-2022-46343/ZDI-CAN-19404: X.Org Server ScreenSaverSetAttributes use-after-free The handler for the ScreenSaverSetAttributes request may write to memory after it has been freed.
Xorg server does not run with root privileges in Red Hat Enterprise Linux 8 and 9, therefore Red Hat Enterprise Linux 8 and 9 have been rated with a moderate severity.
Created xorg-x11-server tracking bugs for this issue: Affects: fedora-36 [bug 2153122] Affects: fedora-37 [bug 2153124] Created xorg-x11-server-Xwayland tracking bugs for this issue: Affects: fedora-36 [bug 2153125] Affects: fedora-37 [bug 2153126]
Created tigervnc tracking bugs for this issue: Affects: fedora-36 [bug 2154213] Affects: fedora-37 [bug 2154215]
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2023:0045 https://access.redhat.com/errata/RHSA-2023:0045
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2023:0046 https://access.redhat.com/errata/RHSA-2023:0046
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-46343