CVE Vulnerability

CVE-2020-14360

A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

6.1 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 8.5

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact COMPLETE

Scope

7.8 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://lists.x.org/archives/xorg-announce/2020-December/003066.html Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1869139 Issue Tracking Patch
Configurations

Configuration 1

cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*
Information

Published : 2021-01-20 04:15

Updated : 2021-01-26 06:29

NVD link : CVE-2020-14360

Mitre link : CVE-2020-14360

Products Affected
No products.
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer