AVG-2770 log

Package	xorg-server
Status	Fixed
Severity	High
Type	privilege escalation
Affected	21.1.3-7
Fixed	21.1.4-1
Current	21.1.14-1 [extra]
Ticket	None
Created	Tue Jul 12 14:05:36 2022

Issue	Severity	Remote	Type	Description
CVE-2022-2320	High	No	Privilege escalation	The handler for the ProcXkbSetGeometry request of the Xkb extension does not properly validate the request length leading to out of bounds memory write.
CVE-2022-2319	High	No	Privilege escalation	The handler for the ProcXkbSetDeviceInfo request of the Xkb extension does not properly validate the request length leading to out of bounds memory write.

Issue

Severity

Remote

Type

Description

CVE-2022-2320

High

Privilege escalation

The handler for the ProcXkbSetGeometry request of the Xkb extension does not properly validate the request length leading to out of bounds memory write.

CVE-2022-2319

High

Privilege escalation

The handler for the ProcXkbSetDeviceInfo request of the Xkb extension does not properly validate the request length leading to out of bounds memory write.

References
https://lists.x.org/archives/xorg/2022-July/061035.html