vulnerability
FreeBSD: VID-ffa15b3b-e6f6-11ea-8cbf-54e1ad3d6335 (CVE-2020-14345): xorg-server -- Multiple input validation failures in X server extensions
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:N/C:P/I:P/A:P) | Aug 25, 2020 | Aug 26, 2020 | Dec 10, 2025 |
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:P/I:P/A:P)
Published
Aug 25, 2020
Added
Aug 26, 2020
Modified
Dec 10, 2025
Description
The X.org project reports: All theses issuses can lead to local privileges elevation on systems where the X server is running privileged. The handler for the XkbSetNames request does not validate the request length before accessing its contents. An integer underflow exists in the handler for the XIChangeHierarchy request. An integer underflow exist in the handler for the XkbSelectEvents request. An integer underflow exist in the handler for the CreateRegister request of the X record extension.
Solutions
freebsd-upgrade-package-xorg-serverfreebsd-upgrade-package-xephyrfreebsd-upgrade-package-xorg-vfbserverfreebsd-upgrade-package-xorg-nestserverfreebsd-upgrade-package-xwaylandfreebsd-upgrade-package-xorg-dmx
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.