Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2022-3550

Published: 17/10/2022 Updated: 07/11/2023
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 0
Subscribe to X.org

Vulnerability Summary

A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function _GetCountedString of the file xkb/xkb.c. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211051.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

x.org x server

debian debian linux 10.0

debian debian linux 11.0

fedoraproject fedora 35

fedoraproject fedora 36

fedoraproject fedora 37

Vendor Advisories

Debian Security Advisories: DSA-5278-1 xorg-server -- security update
It was discovered that a buffer overflow in the _getCountedString() function of the Xorg X server may result in denial of service or potentially the execution of arbitrary code For the stable distribution (bullseye), these problems have been fixed in version 2:12011-1+deb11u3 We recommend that you upgrade your xorg-server packages For the deta ...
Red Hat: Moderate: xorg-x11-server-Xwayland security update
Synopsis Moderate: xorg-x11-server-Xwayland security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 9Red Hat Product Security ha ...
Red Hat: Moderate: xorg-x11-server security and bug fix update
Synopsis Moderate: xorg-x11-server security and bug fix update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for xorg-x11-server is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rate ...
Red Hat: Moderate: xorg-x11-server security and bug fix update
Synopsis Moderate: xorg-x11-server security and bug fix update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for xorg-x11-server is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rate ...
Red Hat: Important: xorg-x11-server security update
Synopsis Important: xorg-x11-server security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this upd ...
Amazon Linux 2: ALAS2-2023-1910
A vulnerability classified as critical was found in Xorg Server Affected by this vulnerability is the function _GetCountedString of the file xkb/xkbc The manipulation leads to buffer overflow It is recommended to apply a patch to fix this issue The associated identifier of this vulnerability is VDB-211051 (CVE-2022-3550) A vulnerability, whi ...
Red Hat:
DescriptionThe MITRE CVE dictionary describes this issue as: A vulnerability classified as critical was found in Xorg Server Affected by this vulnerability is the function _GetCountedString of the file xkb/xkbc The manipulation leads to buffer overflow It is recommended to apply a patch to fix this issue The associated identifier of this vuln ...
Amazon Linux 2022: ALAS-2022-250
ALAS-2022-250 Amazon Linux 2022 Security Advisory: ALAS-2022-250 Advisory Release Date: 2022-12-06 16:44 Pacific ...

References

CWE-119https://cgit.freedesktop.org/xorg/xserver/commit/?id=11beef0b7f1ed290348e45618e5fa0d2bffcb72ehttps://vuldb.com/?id.211051https://lists.debian.org/debian-lts-announce/2022/11/msg00012.htmlhttps://www.debian.org/security/2022/dsa-5278https://security.gentoo.org/glsa/202305-30https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OXZZ6JBDBVBYPDI6DUTY6N36GNW37YHK/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X7W3NXSYK4P3XCZQBI3U6UWP4DPZIMRZ/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IOEDFBYPSE3EMVHTEFCVEJD2R2Y5F2A5/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QTPFVGYTOY4EWTJEBH3YGDTTU57FZAK/https://nvd.nist.govhttps://www.debian.org/security/2022/dsa-5278
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook