CVE-2020-14363
published 2020-09-11CVE-2020-14363: An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled…
PriorityP339high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.57%
43.1th percentile
An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to confidentiality, integrity as well as system availability.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libx11 | < libx11 2:1.6.12-1 (bookworm) | libx11 2:1.6.12-1 (bookworm) |
| fedoraproject | fedora | — | — |
| the_x11_project | libx11 | — | — |
| x.org | libx11 | < 1.6.12 | 1.6.12 |
| x.org | libx11 | >= 0 < 2:1.6.12-1 | 2:1.6.12-1 |
| x.org | libx11 | >= 0 < 2:1.6.12-1 | 2:1.6.12-1 |
| x.org | libx11 | >= 0 < 2:1.6.12-1 | 2:1.6.12-1 |
| x.org | libx11 | >= 0 < 2:1.6.12-1 | 2:1.6.12-1 |
| x.org | libx11 | >= 0 < 2:1.6.3-1ubuntu2.2 | 2:1.6.3-1ubuntu2.2 |
| x.org | libx11 | >= 0 < 2:1.6.4-3ubuntu0.3 | 2:1.6.4-3ubuntu0.3 |
| x.org | libx11 | >= 0 < 2:1.6.9-2ubuntu1.1 | 2:1.6.9-2ubuntu1.1 |
| x.org | libx11 | >= 0 < 2:1.6.2-1ubuntu2.1+esm1 | 2:1.6.2-1ubuntu2.1+esm1 |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
osv7.8HIGH
vendor_debian7.8HIGH
vendor_redhat7.8HIGH
vendor_ubuntu6.7MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-qmwg-hw9q-xg39: An integer overflow vulnerability leading to a double-free was found in libX11
ghsa_unreviewed·2022-05-24
CVE-2020-14363 [HIGH] CWE-190 GHSA-qmwg-hw9q-xg39: An integer overflow vulnerability leading to a double-free was found in libX11
An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to confidentiality, integrity as well as system availability.
OSV
CVE-2020-14363: An integer overflow vulnerability leading to a double-free was found in libX11
osv·2020-09-11·CVSS 7.8
CVE-2020-14363 [HIGH] CVE-2020-14363: An integer overflow vulnerability leading to a double-free was found in libX11
An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to confidentiality, integrity as well as system availability.
OSV
libx11 vulnerabilities
osv·2020-09-08·CVSS 6.7
CVE-2020-14344 [MEDIUM] libx11 vulnerabilities
libx11 vulnerabilities
USN-4487-1 fixed several vulnerabilities in libx11. This update provides
the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM.
Original advisory details:
Todd Carson discovered that libx11 incorrectly handled certain memory
operations. A local attacker could possibly use this issue to escalate
privileges. (CVE-2020-14344)
Jayden Rivers discovered that libx11 incorrectly handled locales. A local
attacker could possibly use this issue to escalate privileges.
(CVE-2020-14363)
OSV
libx11 vulnerabilities
osv·2020-09-02·CVSS 6.7
CVE-2020-14344 [MEDIUM] libx11 vulnerabilities
libx11 vulnerabilities
Todd Carson discovered that libx11 incorrectly handled certain memory
operations. A local attacker could possibly use this issue to escalate
privileges. (CVE-2020-14344)
Jayden Rivers discovered that libx11 incorrectly handled locales. A local
attacker could possibly use this issue to escalate privileges.
(CVE-2020-14363)
Ubuntu
libx11 vulnerabilities
vendor_ubuntu·2020-09-08·CVSS 6.7
CVE-2020-14344 [MEDIUM] libx11 vulnerabilities
Title: libx11 vulnerabilities
Summary: Several security issues were fixed in libx11.
USN-4487-1 fixed several vulnerabilities in libx11. This update provides
the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM.
Original advisory details:
Todd Carson discovered that libx11 incorrectly handled certain memory
operations. A local attacker could possibly use this issue to escalate
privileges. (CVE-2020-14344)
Jayden Rivers discovered that libx11 incorrectly handled locales. A local
attacker could possibly use this issue to escalate privileges.
(CVE-2020-14363)
Instructions: After a standard system update you need to reboot your computer to make all
the necessary changes.
Ubuntu
libx11 vulnerabilities
vendor_ubuntu·2020-09-02·CVSS 6.7
CVE-2020-14363 [MEDIUM] libx11 vulnerabilities
Title: libx11 vulnerabilities
Summary: Several security issues were fixed in libx11.
Todd Carson discovered that libx11 incorrectly handled certain memory
operations. A local attacker could possibly use this issue to escalate
privileges. (CVE-2020-14344)
Jayden Rivers discovered that libx11 incorrectly handled locales. A local
attacker could possibly use this issue to escalate privileges.
(CVE-2020-14363)
Instructions: After a standard system update you need to reboot your computer to make all
the necessary changes.
Red Hat
libX11: integer overflow leads to double free in locale handling
vendor_redhat·2020-08-25·CVSS 7.8
CVE-2020-14363 [HIGH] CWE-190 libX11: integer overflow leads to double free in locale handling
libX11: integer overflow leads to double free in locale handling
An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to confidentiality, integrity as well as system availability.
An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to confidentiality, integrity as well as system availability.
Statement: Xorg server does not run with root privileges in Red Ha
Debian
CVE-2020-14363: libx11 - An integer overflow vulnerability leading to a double-free was found in libX11. ...
vendor_debian·2020·CVSS 7.8
CVE-2020-14363 [HIGH] CVE-2020-14363: libx11 - An integer overflow vulnerability leading to a double-free was found in libX11. ...
An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to confidentiality, integrity as well as system availability.
Scope: local
bookworm: resolved (fixed in 2:1.6.12-1)
bullseye: resolved (fixed in 2:1.6.12-1)
forky: resolved (fixed in 2:1.6.12-1)
sid: resolved (fixed in 2:1.6.12-1)
trixie: resolved (fixed in 2:1.6.12-1)
No detection rules found.
No public exploits indexed.
arXiv
Streamlining Attack Tree Generation: A Fragment-Based Approach
arxiv_fulltext·2023-10-01
Streamlining Attack Tree Generation: A Fragment-Based Approach
AttackGraph
basicstyle= ,
keywords=AttackTarget, AttackStep,
keywordstyle=blue ,
ndkeywords=OR, CPE, CWE, cweNotes, BaseScore, ImpactScore, ExploitabilityScore, epss, description, CVE, CVSS, SAND ,
ndkeywordstyle=darkgray ,
alsoletter=CVE-, CVSS:, CWE-
identifierstyle=black,
sensitive=false,
comment=[l]//,
morecomment=[s]/**/,
commentstyle=purple ,
stringstyle=red ,
morestring=[b]',
morestring=[b]",
tabsize=2
AttackGrammar
basicstyle= ,
keywords=AttackTreeElement, AttackTarget, AttackStep, Model, AttackTreeModel, SubTree, Gate, AttackTreeSubElements, AttackTree, Synonyms, CVSSVECTORList, ScoreList,
keywordstyle=blue ,
ndkeywords=cwe, name, cpe, synonyms, cvss, note, baseScore, impactScore, exploitabilityScore, epss, attackTree, trigger, primary, numberOfDisrubtions, description, gate, pro
Bugzilla
CVE-2020-14363 libX11: integer overflow leads to double free in locale handling [fedora-all]
bugzilla·2020-08-25·CVSS 7.8
CVE-2020-14363 [HIGH] CVE-2020-14363 libX11: integer overflow leads to double free in locale handling [fedora-all]
CVE-2020-14363 libX11: integer overflow leads to double free in locale handling [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple sup
Bugzilla
CVE-2020-14363 libX11: integer overflow leads to double free in locale handling
bugzilla·2020-08-25·CVSS 7.8
CVE-2020-14363 [HIGH] CVE-2020-14363 libX11: integer overflow leads to double free in locale handling
CVE-2020-14363 libX11: integer overflow leads to double free in locale handling
There is an integer overflow and a double free vulnerability in the way LibX11 handles locales. The integer overflow is a necessary precursor to the double free.
Discussion:
Created libX11 tracking bugs for this issue:
Affects: fedora-all [bug 1872474]
---
Upstream advisory:
https://lists.x.org/archives/xorg-announce/2020-August/003056.html
Upstream patch:
https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/acdaaadcb3d85c61fd43669fc5dddf0f8c3f911d
---
*** Bug 1872572 has been marked as a duplicate of this bug. ***
---
External References:
https://lists.x.org/archives/xorg-announce/2020-August/003056.html
---
Statement:
Xorg server does not run with root privileges in Red Hat Enterprise Linu
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14363https://github.com/Ruia-ruia/Exploits/blob/master/DFX11details.txthttps://github.com/Ruia-ruia/Exploits/blob/master/x11doublefree.shhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7AVXCQOSCAPKYYHFIJAZ6E2C7LJBTLXF/https://lists.x.org/archives/xorg-announce/2020-August/003056.htmlhttps://usn.ubuntu.com/4487-2/https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14363https://github.com/Ruia-ruia/Exploits/blob/master/DFX11details.txthttps://github.com/Ruia-ruia/Exploits/blob/master/x11doublefree.shhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7AVXCQOSCAPKYYHFIJAZ6E2C7LJBTLXF/https://lists.x.org/archives/xorg-announce/2020-August/003056.htmlhttps://usn.ubuntu.com/4487-2/
2020-09-11
Published