{"id":"ALSA-2022:5257","summary":"Moderate: libinput security update","details":"libinput is a library that handles input devices for display servers and other applications that need to directly deal with input devices.\nSecurity Fix(es):\n* libinput: format string vulnerability may lead to privilege escalation (CVE-2022-1215)\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","modified":"2026-02-04T02:38:25.010924Z","published":"2022-06-30T00:00:00Z","related":["CVE-2022-1215"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2022:5257"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-1215"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2074952"},{"type":"ADVISORY","url":"https://errata.almalinux.org/9/ALSA-2022-5257.html"}],"affected":[{"package":{"name":"libinput","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libinput"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.19.3-2.el9_0"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2022:5257.json"}},{"package":{"name":"libinput-devel","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libinput-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.19.3-2.el9_0"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2022:5257.json"}},{"package":{"name":"libinput-utils","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libinput-utils"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.19.3-2.el9_0"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2022:5257.json"}}],"schema_version":"1.7.3"}