X.Org Server 21.1.5 and xwayland 22.1.6 updates fix 6 vulnerabilities

Corrective releases of X.Org Server 21.1.5 and xwayland 22.1.6 have been published; xwayland is the DDX (Device-Dependent X) component that runs X.Org Server so that X11 applications work in Wayland-based environments. The new versions fix 6 vulnerabilities that could potentially be exploited for privilege escalation on systems running the X server as root, as well as for remote code execution in configurations that use X11 session forwarding over SSH for access.

  • CVE-2022-46340 - Stack overflow while processing XTestSwapFakeInput requests with data larger than 32 bytes in the GenericEvents field.
  • CVE-2022-46341 - Out-of-bounds buffer access when processing XIPassiveUngrab requests called with large key or button code values.
  • CVE-2022-46342 - Use-after-free memory access via manipulation of XvdiSelectVideoNotify requests.
  • CVE-2022-46343 - Use-after-free memory access via manipulation of ScreenSaverSetAttributes requests.
  • CVE-2022-46344 - Out-of-bounds data access when processing XIChangeProperty requests with large parameters.
  • CVE-2022-46283 - Use-after-free memory access via manipulation of XkbGetKbdByName requests.

Source: opennet.ru
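
A quick host triage against the fixed releases named above, as an added example that is not part of the original article. The function names and sample inputs are constructed for illustration; the comparison uses upstream version numbers only, so a distribution package that carries backported fixes under an older number will still be reported as needing an update.

```shell
#!/bin/sh
# Added example: compare installed versions with the fixed releases from the
# article and list X servers running as root (the privilege-escalation case).
FIXED_XORG=21.1.5
FIXED_XWAYLAND=22.1.6

# normalize VERSION: strip a package epoch ("2:") and revision ("-1"), and the
# leading "1." of the four-part Xorg banner form (1.21.1.4 means 21.1.4).
normalize() {
    printf '%s\n' "$1" | sed -e 's/^[0-9]*://' -e 's/-.*$//' \
        -e 's/^1\.\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\)$/\1/'
}

# ver_lt A B: true when A sorts strictly before B (needs GNU sort -V).
ver_lt() {
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# status COMPONENT VERSION: print "needs-update" or "fixed-upstream".
status() {
    case "$1" in
        xorg-server) fixed=$FIXED_XORG ;;
        xwayland)    fixed=$FIXED_XWAYLAND ;;
        *) echo "unknown-component"; return 2 ;;
    esac
    if ver_lt "$(normalize "$2")" "$fixed"; then
        echo "needs-update"
    else
        echo "fixed-upstream"
    fi
}

# root_xservers: read "USER COMMAND" lines on stdin and print the X server
# processes owned by root.
root_xservers() {
    awk '$1 == "root" && ($2 == "Xorg" || $2 == "X" || $2 == "Xwayland") { print $2 }'
}

# Constructed sample input; on a real host pass the installed versions and
# pipe in the output of: ps -eo user=,comm=
status xorg-server '2:21.1.4-1'
status xwayland 22.1.6
printf 'root Xorg\nalice Xwayland\n' | root_xservers
```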
