CVE-2020-14346 — Integer Underflow (Wrap or Wraparound) in X Server
Severity
7.8HIGHNVD
EPSS
0.2%
top 61.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
PublishedSep 15
Latest updateMay 24
Description
A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages4 packages
Also affects: Ubuntu Linux 14.04, Enterprise Linux 6.0, 7.0, 8.0
Patches
🔴Vulnerability Details
5📋Vendor Advisories
4Debian▶
CVE-2020-14346: xorg-server - A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X...↗2020