#14322: xorg-server-1.20.10 (CVE-2020-14360 CVE-2020-25712)
-------------------------+-----------------------
 Reporter:  renodr       |      Owner:  blfs-book
     Type:  enhancement  |     Status:  new
 Priority:  normal       |  Milestone:  hold
Component:  BOOK         |    Version:  SVN
 Severity:  normal       |   Keywords:
-------------------------+-----------------------
 When the new Xorg-Server comes out, move this ticket from Hold to 10.1

 {{{
 X.Org server security advisory: December 1, 2020


 Multiple input validation failures in X server XKB extension
 ============================================================

 These issues can lead to privilege elevations for authorized clients
 on systems where the X server is running privileged.

 * CVE-2020-14360 / ZDI CAN 11572 XkbSetMap Out-Of-Bounds Access

 Insufficient checks on the lengths of the XkbSetMap request can lead to
 out of bounds memory accesses in the X server.

 * CVE-2020-25712 / ZDI-CAN-11839 XkbSetDeviceInfo Heap-based Buffer Overflow

 Insufficient checks on input of the XkbSetDeviceInfo request can lead
 to a buffer overflow on the heap in the X server.

 Patches
 -------

 Patches for these issues have been committed to the xorg server git
 repository. xorg-server 1.20.10 will be released shortly and will
 include these patches.


 https://gitlab.freedesktop.org/xorg/xserver.git

 commit 446ff2d3177087b8173fa779fa5b77a2a128988b

     Check SetMap request length carefully.

     Avoid out of bounds memory accesses on too short request.

     ZDI-CAN 11572 /  CVE-2020-14360


 commit 87c64fc5b0db9f62f4e361444f4b60501ebf67b9

     Fix XkbSetDeviceInfo() and SetDeviceIndicators() heap overflows

     ZDI-CAN 11389 / CVE-2020-25712


 Thanks
 ======

 These vulnerabilities have been discovered by Jan-Niklas Sohn working
 with Trend Micro Zero Day Initiative.
 }}}
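The length-check pattern the advisory describes, as an added example that is not X.Org code: a simplified XkbSetMap-like request (a constructed layout, not the real wire format, with the X protocol convention of a length field in 4-byte units, a count of variable-length entries, and a per-entry count) and a validator that checks every client-supplied count against the bytes actually received before any record is read.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed little-endian layout (simplified model, not the real XkbSetMap format):
 *   bytes 0-1  opcode and minor opcode
 *   bytes 2-3  request length in 4-byte units, header included (X protocol convention)
 *   byte 4     nTypes: number of variable-length type entries that follow; bytes 5-7 pad
 *   each entry: byte 0 numLevels, bytes 1-3 pad, then numLevels 4-byte level records */
#define HDR_LEN   8
#define ENTRY_HDR 4
#define LEVEL_LEN 4

/* Check every client-supplied count against the bytes that actually arrived.
 * Returns 0 for a well-formed request, -1 for one that must be rejected (BadLength)
 * before any handler indexes into the variable-length data. */
int check_setmap_like_request(const uint8_t *buf, size_t buflen)
{
    if (buflen < HDR_LEN) return -1;
    size_t wire_len = ((size_t)buf[2] | ((size_t)buf[3] << 8)) * 4;
    if (wire_len != buflen) return -1;          /* declared length must match what was read */
    size_t off = HDR_LEN;
    unsigned n_types = buf[4];
    for (unsigned i = 0; i < n_types; i++) {
        if (wire_len - off < ENTRY_HDR) return -1;          /* entry header present? */
        size_t need = ENTRY_HDR + (size_t)buf[off] * LEVEL_LEN;
        if (wire_len - off < need) return -1;               /* records it promises present? */
        off += need;                                        /* safe: need <= remaining bytes */
    }
    return 0;
}

/* Constructed samples, not captured traffic: 20 bytes each, length field = 5 units. */
static const uint8_t sample_ok[20] = {                   /* nTypes=1, numLevels=2: fits */
    0x80, 0x09, 0x05, 0x00, 0x01, 0x00, 0x00, 0x00,
    0x02, 0x00, 0x00, 0x00,
    0xAA, 0xAA, 0xAA, 0xAA, 0xBB, 0xBB, 0xBB, 0xBB };
static const uint8_t sample_short[20] = {                /* numLevels=9 promises 36 bytes */
    0x80, 0x09, 0x05, 0x00, 0x01, 0x00, 0x00, 0x00,
    0x09, 0x00, 0x00, 0x00,
    0xAA, 0xAA, 0xAA, 0xAA, 0xBB, 0xBB, 0xBB, 0xBB };
static const uint8_t sample_missing[20] = {              /* nTypes=2 but one entry sent */
    0x80, 0x09, 0x05, 0x00, 0x02, 0x00, 0x00, 0x00,
    0x02, 0x00, 0x00, 0x00,
    0xAA, 0xAA, 0xAA, 0xAA, 0xBB, 0xBB, 0xBB, 0xBB };

int main(void)
{
    printf("ok=%d short=%d missing=%d\n",
           check_setmap_like_request(sample_ok, sizeof sample_ok),
           check_setmap_like_request(sample_short, sizeof sample_short),
           check_setmap_like_request(sample_missing, sizeof sample_missing));
    return 0;
}
```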

--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/14322>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch