Lucene search
Jan-Niklas SohnZDI-20-1418HistoryDec 09, 2020 - 12:00 a.m.
X.Org Server XkbSelectEvents Integer Underflow Privilege Escalation Vulnerability
2020-12-0900:00:00
Jan-Niklas Sohn
www.zerodayinitiative.com
9
0.001 Low
EPSS
Percentile
21.8%
This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of XkbSelectEvents requests. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of root.
Related
cvelist
cvelist
CVE-2020-14361
2020-09-15 00:00:00
ubuntucve
ubuntucve
CVE-2020-14361
2020-08-26 00:00:00
cve
cve
CVE-2020-14361
2020-09-15 19:15:12
prion
prion
Heap overflow
2020-09-15 19:15:00
nvd
nvd
CVE-2020-14361
2020-09-15 19:15:12
veracode
veracode
Denial Of Service (DoS)
2020-08-31 03:47:00
redhatcve
redhatcve
CVE-2020-14361
2020-08-25 16:46:22
alpinelinux
alpinelinux
CVE-2020-14361
2020-09-15 19:15:12
osv
osv
CVE-2020-14361
2020-09-15 19:15:12
xorg-server - security update
2020-08-30 00:00:00
xorg-server - security update
2020-09-04 00:00:00
debiancve
debiancve
CVE-2020-14361
2020-09-15 19:15:12
suse
suse
Security update for xorg-x11-server (important)
2020-09-07 00:00:00
Security update for xorg-x11-server (important)
2020-09-07 00:00:00
openvas
openvas
openSUSE: Security Advisory for xorg-x11-server (openSUSE-SU-2020:1376-1)
2020-09-08 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:2407-1)
2021-04-19 00:00:00
openSUSE: Security Advisory for xorg-x11-server (openSUSE-SU-2020:1374-1)
2020-09-08 00:00:00
nessus
nessus
openSUSE Security Update : xorg-x11-server (openSUSE-2020-1376)
2020-09-08 00:00:00
SUSE SLES12 Security Update : xorg-x11-server (SUSE-SU-2020:2399-1)
2020-09-04 00:00:00
SUSE SLES12 Security Update : xorg-x11-server (SUSE-SU-2020:2407-1)
2020-09-04 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package xorg-server version 2:1.20.9-alt1
2020-08-25 00:00:00
centos
centos
xorg security update
2020-11-09 13:15:06
xorg security update
2020-11-06 22:19:48
ubuntu
ubuntu
X.Org X Server vulnerabilities
2020-09-02 00:00:00
X.Org X Server vulnerabilities
2020-09-09 00:00:00
oraclelinux
oraclelinux
xorg-x11-server security update
2020-11-06 00:00:00
xorg-x11-server security update
2020-11-06 00:00:00
redhat
redhat
(RHSA-2020:4910) Important: xorg-x11-server security update
2020-11-04 09:41:14
(RHSA-2020:4953) Important: xorg-x11-server security update
2020-11-05 08:26:47
freebsd
freebsd
xorg-server -- Multiple input validation failures in X server extensions
2020-08-25 00:00:00
amazon
amazon
Important: xorg-x11-server
2020-12-16 20:31:00
Important: xorg-x11-server
2021-01-12 22:52:00
Important: xorg-x11-server
2020-12-08 21:30:00
mageia
mageia
Updated x11-server packages fix security vulnerabilities
2020-08-27 18:52:56
debian
debian
[SECURITY] [DSA 4758-1] xorg-server security update
2020-09-04 18:58:09
[SECURITY] [DLA 2359-1] xorg-server security update
2020-08-30 21:40:25
[SECURITY] [DSA 4758-1] xorg-server security update
2020-09-04 18:58:09
gentoo
gentoo
X.Org X Server: Multiple vulnerabilities
2020-12-07 00:00:00
almalinux
almalinux
rocky
rocky
ibm
ibm