Out-Of-Bounds Access Vulnerability in X.Org Server Affecting Data Confidentiality
CVE-2020-14345

7.8HIGH

Key Information:

Vendor

X.org

Status
Xorg-x11-server
Vendor
CVE Published:
15 September 2020

What is CVE-2020-14345?

A vulnerability exists in X.Org Server versions prior to 1.20.9, specifically related to an Out-Of-Bounds access in the XkbSetNames function. This flaw could potentially allow attackers to escalate their privileges, which poses significant risks to data confidentiality, integrity, and overall system availability. The exploitation of this vulnerability highlights the need for timely updates and security patches to protect systems that rely on X.Org Server. Organizations are advised to monitor and apply the relevant updates to mitigate the associated risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

xorg-x11-server before xorg-x11-server 1.20.9

References

https://bugzilla.redhat.com/show_bug.cgi?id=1862241
x_refsource_MISC
https://lists.x.org/archives/xorg-announce/2020-August/00...
x_refsource_MISC
https://usn.ubuntu.com/4490-1/
vendor-advisoryx_refsource_UBUNTU

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.