vulnerability

Amazon Linux AMI 2: CVE-2020-14344: Security patch for libX11 (Multiple Advisories)

Try Surface Command

Back to search

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:P)

Published

Aug 5, 2020

Added

Jun 24, 2021

Modified

May 20, 2026

Description

An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setuid programs call XIM client functions while running with elevated privileges. No such programs are shipped with Red Hat Enterprise Linux.

Solutions

amazon-linux-ami-2-upgrade-libx11amazon-linux-ami-2-upgrade-libx11-commonamazon-linux-ami-2-upgrade-libx11-debuginfoamazon-linux-ami-2-upgrade-libx11-devel

References

AMAZON-AL2/ALAS-2021-1661
CVE-2020-14344
https://attackerkb.com/topics/CVE-2020-14344
CWE-190
EUVD-EUVD-2020-6488
https://euvd.enisa.europa.eu/vulnerability/EUVD-2020-6488

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report