Skip to main content

X Server CVE-2020-14346

HIGH
Integer Underflow (CWE-191)
2020-09-15 secalert@redhat.com
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Sep 15, 2020 - 19:15 nvd
HIGH 7.8

DescriptionNVD

A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

AnalysisAI

A flaw was found in xorg-x11-server before 1.20.9. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-191. A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Affected products include: X.Org X Server, Canonical Ubuntu Linux, Redhat Enterprise Linux. Version information: before 1.20.9..

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2018-14665 MEDIUM POC
6.6 Oct 25

A flaw was found in xorg-x11-server before 1.20.3. Rated medium severity (CVSS 6.6), this vulnerability is low attack co

CVE-2019-17624 HIGH POC
7.8 Oct 16

"" In X.Org X Server 1.20.4, there is a stack-based buffer overflow in the function XQueryKeymap. Rated high severity (C

CVE-2017-10971 HIGH
8.8 Jul 06

In the X.Org X server before 2017-06-19, a user authenticated to an X Session could crash or execute code in the context

CVE-2026-56000 CRITICAL
9.0 Jul 08

Use-after-free in the GLX dispatch layer of X.Org X Server and Xwayland allows an authenticated X client to corrupt heap

CVE-2022-46344 HIGH
8.8 Dec 14

A vulnerability was found in X.Org. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low atta

CVE-2022-46343 HIGH
8.8 Dec 14

A vulnerability was found in X.Org. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low atta

CVE-2022-46342 HIGH
8.8 Dec 14

A vulnerability was found in X.Org. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low atta

CVE-2022-46341 HIGH
8.8 Dec 14

A vulnerability was found in X.Org. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low atta

CVE-2022-46340 HIGH
8.8 Dec 14

A vulnerability was found in X.Org. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low atta

CVE-2022-3550 HIGH
8.8 Oct 17

A vulnerability classified as critical was found in X.org Server. Rated high severity (CVSS 8.8), this vulnerability is

CVE-2023-5367 HIGH
7.8 Oct 25

A out-of-bounds write flaw was found in the xorg-x11-server. Rated high severity (CVSS 7.8), this vulnerability is low a

CVE-2023-6377 HIGH
7.8 Dec 13

A flaw was found in xorg-server. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-o

Share

CVE-2020-14346 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy