CVE-2020-14347

Published: 05/08/2020 | Updated: 07/11/2023
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 187
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable.

Vulnerable Product

x.org xorg-server

debian debian linux 9.0

debian debian linux 10.0

canonical ubuntu linux 18.04

canonical ubuntu linux 14.04

canonical ubuntu linux 20.04

canonical ubuntu linux 16.04

Vendor Advisories

Synopsis: Important: xorg-x11-server security update. Type/Severity: Security Advisory: Important. Topic: An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (C ...
Debian Bug report logs - #968986 xorg-server: CVE-2020-14347. Package: src:xorg-server; Maintainer for src:xorg-server is Debian X Strike Force <debian-x@lists.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Tue, 25 Aug 2020 12:33:00 UTC; Severity: important; Tags: security, upstream; Found in v ...
Several vulnerabilities have been discovered in the X.Org X server. Missing input sanitising in X server extensions may result in local privilege escalation if the X server is configured to run with root privileges. In addition an ASLR bypass was fixed. For the stable distribution (buster), these problems have been fixed in version 2:1204-1+deb10 ...
A flaw was found in the way the Xserver memory was not properly initialized. This issue leaks parts of server memory to the X client. In cases where the Xorg server runs with elevated privileges, this flaw results in a possible ASLR bypass (CVE-2020-14347). A flaw was found in the X.Org Server. An out-of-bounds access in the XkbSetMap function may l ...
Allocation for pixmap data in AllocatePixmap() does not initialize the memory in xserver, which leads to a leak of uninitialized heap memory to clients. When the X server runs with elevated privileges, this flaw can lead to ASLR bypass, which when combined with other flaws (known/unknown) could lead to privilege elevation in the client ...