CVE-2020-14363

Priority
Description
An integer overflow vulnerability leading to a double-free was found in
libX11. This flaw allows a local privileged attacker to cause an
application compiled with libX11 to crash or, in some cases, to execute
arbitrary code. The highest threat from this flaw is to
confidentiality and integrity, as well as system availability.
Assigned-to
mdeslaur
Notes
Package
Upstream: needs-triage
Ubuntu 12.04 ESM (Precise Pangolin): released (2:1.4.99.1-0ubuntu2.5)
Ubuntu 14.04 ESM (Trusty Tahr): released (2:1.6.2-1ubuntu2.1+esm1)
Ubuntu 16.04 LTS (Xenial Xerus): released (2:1.6.3-1ubuntu2.2)
Ubuntu 18.04 LTS (Bionic Beaver): released (2:1.6.4-3ubuntu0.3)
Ubuntu 20.04 LTS (Focal Fossa): released (2:1.6.9-2ubuntu1.1)
Ubuntu 20.10 (Groovy Gorilla): not-affected (2:1.6.10-3)
Patches:
Upstream: https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/acdaaadcb3d85c61fd43669fc5dddf0f8c3f911d

Updated: 2020-09-18 04:45:51 UTC (commit 138a3b00836060d8cce6678d1a23781391e3219f)