Lucene search
Jan-Niklas SohnZDI-20-1417HistoryDec 09, 2020 - 12:00 a.m.
X.Org Server XIChangeHierarchy Integer Underflow Privilege Escalation Vulnerability
2020-12-0900:00:00
Jan-Niklas Sohn
www.zerodayinitiative.com
18
0.0005 Low
EPSS
Percentile
18.1%
This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of XIChangeHierarchy requests. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of root.
Related
redhatcve
redhatcve
CVE-2020-14346
2020-08-25 16:46:22
nvd
nvd
CVE-2020-14346
2020-09-15 19:15:12
alpinelinux
alpinelinux
CVE-2020-14346
2020-09-15 19:15:12
debiancve
debiancve
CVE-2020-14346
2020-09-15 19:15:12
cvelist
cvelist
CVE-2020-14346
2020-09-15 00:00:00
cve
cve
CVE-2020-14346
2020-09-15 19:15:12
veracode
veracode
Denial Of Service (DoS)
2020-08-31 03:46:04
ubuntucve
ubuntucve
CVE-2020-14346
2020-08-26 00:00:00
osv
osv
CVE-2020-14346
2020-09-15 19:15:12
xorg-server vulnerabilities
2020-09-09 16:33:35
xorg-server - security update
2020-09-04 00:00:00
prion
prion
Integer overflow
2020-09-15 19:15:00
nessus
nessus
openSUSE Security Update : xorg-x11-server (openSUSE-2020-1302)
2020-08-31 00:00:00
openSUSE Security Update : xorg-x11-server (openSUSE-2020-1279)
2020-08-31 00:00:00
EulerOS 2.0 SP9 : xorg-x11-server (EulerOS-SA-2021-1279)
2021-02-05 00:00:00
openvas
openvas
openSUSE: Security Advisory for xorg-x11-server (openSUSE-SU-2020:1302-1)
2020-09-02 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:2326-1)
2021-04-19 00:00:00
Huawei EulerOS: Security Advisory for xorg-x11-server (EulerOS-SA-2021-1260)
2021-02-05 00:00:00
suse
suse
Security update for xorg-x11-server (important)
2020-08-29 00:00:00
Security update for xorg-x11-server (important)
2020-08-31 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package xorg-server version 2:1.20.9-alt1
2020-08-25 00:00:00
amazon
amazon
Important: xorg-x11-server
2021-01-12 22:52:00
Important: xorg-x11-server
2020-12-16 20:31:00
Important: xorg-x11-server
2020-12-08 21:30:00
freebsd
freebsd
xorg-server -- Multiple input validation failures in X server extensions
2020-08-25 00:00:00
redhat
redhat
(RHSA-2020:4953) Important: xorg-x11-server security update
2020-11-05 08:26:47
(RHSA-2020:4910) Important: xorg-x11-server security update
2020-11-04 09:41:14
oraclelinux
oraclelinux
xorg-x11-server security update
2020-11-06 00:00:00
xorg-x11-server security update
2020-11-06 00:00:00
ubuntu
ubuntu
X.Org X Server vulnerabilities
2020-09-02 00:00:00
X.Org X Server vulnerabilities
2020-09-09 00:00:00
centos
centos
xorg security update
2020-11-06 22:19:48
xorg security update
2020-11-09 13:15:06
mageia
mageia
Updated x11-server packages fix security vulnerabilities
2020-08-27 18:52:56
debian
debian
[SECURITY] [DSA 4758-1] xorg-server security update
2020-09-04 18:58:09
[SECURITY] [DLA 2359-1] xorg-server security update
2020-08-30 21:40:25
[SECURITY] [DSA 4758-1] xorg-server security update
2020-09-04 18:58:09
gentoo
gentoo
X.Org X Server: Multiple vulnerabilities
2020-12-07 00:00:00
almalinux
almalinux
rocky
rocky
ibm
ibm