Test ID:	1.3.6.1.4.1.25623.1.1.10.2022.0256
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2022-0256)
Summary:	The remote host is missing an update for the 'x11-server' package(s) announced via the MGASA-2022-0256 advisory.
Description:	Summary: The remote host is missing an update for the 'x11-server' package(s) announced via the MGASA-2022-0256 advisory. Vulnerability Insight: Updated x11-server packages fix security vulnerabilities: ProcXkbSetGeometry Out-Of-Bounds Access. The handler for the ProcXkbSetGeometry request of the Xkb extension does not properly validate the request length leading to out of bounds memory write (CVE-2022-2319). ProcXkbSetDeviceInfo Out-Of-Bounds Access. The handler for the ProcXkbSetDeviceInfo request of the Xkb extension does not properly validate the request length leading to out of bounds memory write (CVE-2022-2320). Affected Software/OS: 'x11-server' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2022-2319 GLSA-202210-30 https://security.gentoo.org/glsa/202210-30 https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/938 https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/939 https://lists.freedesktop.org/archives/xorg-announce/2022-July/003192.html https://security.netapp.com/advisory/ntap-20221104-0003/ https://www.zerodayinitiative.com/advisories/ZDI-22-964/ Common Vulnerability Exposure (CVE) ID: CVE-2022-2320 https://github.com/freedesktop/xorg-xserver/commit/dd8caf39e9e15d8f302e54045dd08d8ebf1025dc https://www.zerodayinitiative.com/advisories/ZDI-22-963/
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.