Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2020-14347 - log back

CVE-2020-14347 edited at 31 Jul 2020 15:03:13

Severity

-	Unknown
+	Low

Remote

-	Unknown
+	Local

Type

-	Unknown
+	Information disclosure

Description

+	Allocation for pixmap data in AllocatePixmap() does not initialize the memory in xserver, it leads to leak uninitialize heap memory to clients. When the X server runs with elevated privileges.
+	This flaw can lead to ASLR bypass, which when combined with other flaws (known/unknown) could lead to lead to privilege elevation in the client.

References

+	https://lists.x.org/archives/xorg-announce/2020-July/003051.html

Notes

CVE-2020-14347 created at 31 Jul 2020 15:02:30