{"id":"CVE-2022-26530","details":"swaylock before 1.6 allows attackers to trigger a crash and achieve unlocked access to a Wayland compositor.","modified":"2026-04-11T22:01:39.635350Z","published":"2022-04-03T23:15:08.103Z","references":[{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2066596"},{"type":"FIX","url":"https://github.com/swaywm/swaylock/commit/1d1c75b6316d21933069a9d201f966d84099f6ca"},{"type":"FIX","url":"https://github.com/swaywm/swaylock/pull/219"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/swaywm/swaylock","events":[{"introduced":"0"},{"fixed":"92de4d2e310c7bd7dca9c9ced602219dc8245a55"},{"fixed":"1d1c75b6316d21933069a9d201f966d84099f6ca"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.6"}]}}],"versions":["1.0","1.1","1.2","1.3","1.4","1.5"],"database_specific":{"vanir_signatures_modified":"2026-04-11T22:01:39Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-26530.json","vanir_signatures":[{"target":{"function":"damage_surface","file":"main.c"},"digest":{"length":263,"function_hash":"321546121327166152082568227554952490546"},"source":"https://github.com/swaywm/swaylock/commit/92de4d2e310c7bd7dca9c9ced602219dc8245a55","signature_type":"Function","deprecated":false,"signature_version":"v1","id":"CVE-2022-26530-2660fb9d"},{"target":{"file":"main.c"},"digest":{"line_hashes":["127073195408212173705544643835483704038","132367307331159836240313025023453057017","205486298210334917896934501618831078856","88051551187514133606893522838960179616","337614508506332101917745192143298913339","16193052160611899368605411219614024647","244226894835542531598553598251282792903","159078903369901087028258565824875967193","267007657912997303086002782409160378577","318807201913823064997230045798952755575","229954771298977266013527197878457778218","7707739845535407332674996535561386343","21645136205143635228527169207305399896","94332134942714026467558821928132340569","195575444750541786253345577626667301459","181968761044182414924904399292568532845","94838257276800262904068482916341581918","75974599982718431593916335716079664856","307889506717377779414505651342105264556","17335732294848004880247251732566528211","7383446325902592208417330515804126551","253882839715136516068228121622539986554","316963383457095066036918624363670858117","41595466068361426491734003353450412755","69187070226416710540953195732982839514","121454406569789806943316660221963265562","106356223910297253211848510561665078309","281422092069747662586599075358734436926","219630019896173835260972432442443959643","170707852279529236026778662974728959941","58031917247361215738750032628137407063","206176146467733027132569712680076266141","59889542236468922551651368341060909733","237165997622830738898248840007584234130","142079425188089396704703495994601768779","299690025169209485843145375859273978564","216612979563159157343288043914621997107","180591142791920893637056664383560827845","59751774364218224585759153950473379991","55300518068265682844280408424850200426","59708854195711757469403457504438605732","240155052126680037505692719982772834210","84077946009467724955345243520840567259","292341787551801698548181451930684196222","253302884382134581816879462261365070506","157903798336607721867517280756594319730","65070307221621892676085433565935839761","115384662973177886951324554640923246308","33036865322811229331475236800268626560","181839721523309577923693962380020401765","15881764685144002028543175068281739227","138372863888015263711987897953596552068","38697518467174709216311780780945230195","169397997493729399394968740991791688114","216194601330526135326976862069394395129","20611120824736409257270053692849542221","35124750561797444211088839424652581038","226179974460813175427624460083784894426","215536244903201169768507745193981617096","40185632972554804232919390866591769473","288006322109675497350103771234856395532","60790053089950070209322729081093831577","322057231159978130421689593568844910748","277664617325588989414936470192072759691","114068398840070224812494738108783254957","210846842683765408460369500033413526826","62156722105385181879322251191860048014","144498651922174237048159345740661551124","100802688414335171331773566809870669926","181948809946942023259188449172423344972","15140907029657952730372911029107688143","19633755541131562411790948790884829505","318540317449338291944905472844760122642"],"threshold":0.9},"source":"https://github.com/swaywm/swaylock/commit/1d1c75b6316d21933069a9d201f966d84099f6ca","signature_type":"Line","deprecated":false,"signature_version":"v1","id":"CVE-2022-26530-30d36dae"},{"target":{"file":"include/swaylock.h"},"digest":{"line_hashes":["174879986102714311352807245892061322246","267890502030456711561358361499514632287","58021279707907856285321302412721427000","247422505927742538220806138447834820561","322631855022704135224284990252346650521","37613136184802158424019466553518640811","74848766841090077705833248500795565635","247704523326092782295568058808410059598"],"threshold":0.9},"source":"https://github.com/swaywm/swaylock/commit/1d1c75b6316d21933069a9d201f966d84099f6ca","signature_type":"Line","deprecated":false,"signature_version":"v1","id":"CVE-2022-26530-387bb85f"},{"target":{"function":"destroy_surface","file":"main.c"},"digest":{"length":450,"function_hash":"299244876053952007915284634746955775122"},"source":"https://github.com/swaywm/swaylock/commit/1d1c75b6316d21933069a9d201f966d84099f6ca","signature_type":"Function","deprecated":false,"signature_version":"v1","id":"CVE-2022-26530-403b84fe"},{"target":{"file":"main.c"},"digest":{"line_hashes":["313559367477756067118233067749796248415","131305497023398857062863547278402414611","210575575467073372657772704799499403634","271329596643085094925206375980341545537"],"threshold":0.9},"source":"https://github.com/swaywm/swaylock/commit/92de4d2e310c7bd7dca9c9ced602219dc8245a55","signature_type":"Line","deprecated":false,"signature_version":"v1","id":"CVE-2022-26530-618eae5a"},{"target":{"function":"handle_global","file":"main.c"},"digest":{"length":1811,"function_hash":"5543061932566584542564508265920426400"},"source":"https://github.com/swaywm/swaylock/commit/1d1c75b6316d21933069a9d201f966d84099f6ca","signature_type":"Function","deprecated":false,"signature_version":"v1","id":"CVE-2022-26530-c48b51ba"},{"target":{"function":"main","file":"main.c"},"digest":{"length":3858,"function_hash":"148015998532683438035484612510513562095"},"source":"https://github.com/swaywm/swaylock/commit/1d1c75b6316d21933069a9d201f966d84099f6ca","signature_type":"Function","deprecated":false,"signature_version":"v1","id":"CVE-2022-26530-d2818254"},{"target":{"function":"create_layer_surface","file":"main.c"},"digest":{"length":1346,"function_hash":"47724046274680708793796710802857808307"},"source":"https://github.com/swaywm/swaylock/commit/1d1c75b6316d21933069a9d201f966d84099f6ca","signature_type":"Function","deprecated":false,"signature_version":"v1","id":"CVE-2022-26530-dd8f4980"}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}]}