Lucene search

K
ubuntucveUbuntu.comUB:CVE-2020-14360
HistoryDec 01, 2020 - 12:00 a.m.

CVE-2020-14360

2020-12-0100:00:00
ubuntu.com
ubuntu.com
25
x.org server
privilege escalation
data confidentiality
integrity
system availability

CVSS2

6.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:P/I:P/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

15.9%

A flaw was found in the X.Org Server before version 1.20.10. An
out-of-bounds access in the XkbSetMap function may lead to a privilege
escalation vulnerability. The highest threat from this vulnerability is to
data confidentiality and integrity as well as system availability.

Notes

Author Note
mdeslaur xorg server is actually the xorg-server package the xorg package only contains docs
alexmurray ZDI-CAN 11572
mdeslaur 241f2b140738b592d762e6e4a43945d9aed3ebb3
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchxorg-server< 2:1.19.6-1ubuntu4.8UNKNOWN
ubuntu20.04noarchxorg-server< 2:1.20.8-2ubuntu2.6UNKNOWN
ubuntu20.10noarchxorg-server< 2:1.20.9-2ubuntu1.1UNKNOWN
ubuntu14.04noarchxorg-server< 2:1.15.1-0ubuntu2.11+esm3UNKNOWN
ubuntu16.04noarchxorg-server< 2:1.18.4-0ubuntu0.11UNKNOWN
ubuntu16.04noarchxorg-server-hwe-16.04< 2:1.19.6-1ubuntu4.1~16.04.5UNKNOWN
ubuntu18.04noarchxorg-server-hwe-18.04< 2:1.20.8-2ubuntu2.2~18.04.4UNKNOWN

CVSS2

6.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:P/I:P/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

15.9%