CVE-2020-25712 - log back

CVE-2020-25712 edited at 01 Dec 2020 15:32:41
Description
- A security issue was discovered in xorg-server before 1.20.10. Insufficient checks on input of the XkbSetDeviceInfo request can lead to a buffer overflow on the head in the X server. This issue can lead to privileges elevations for authorized clients on systems where the X server is running privileged.
+ A security issue was discovered in xorg-server before 1.20.10. Insufficient checks on input of the XkbSetDeviceInfo request can lead to a buffer overflow on the head in the X server. This issue can lead to privilege escalation for authorized clients on systems where the X server is running privileged.
CVE-2020-25712 edited at 01 Dec 2020 15:30:46
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Arbitrary code execution
Description
+ A security issue was discovered in xorg-server before 1.20.10. Insufficient checks on input of the XkbSetDeviceInfo request can lead to a buffer overflow on the head in the X server. This issue can lead to privileges elevations for authorized clients on systems where the X server is running privileged.
References
+ https://www.openwall.com/lists/oss-security/2020/12/01/3
+ https://gitlab.freedesktop.org/xorg/xserver/-/commit/87c64fc5b0db9f62f4e361444f4b60501ebf67b9
Notes
CVE-2020-25712 created at 01 Dec 2020 15:26:02