vulnerability
FreeBSD: VID-ffa15b3b-e6f6-11ea-8cbf-54e1ad3d6335 (CVE-2020-14361): xorg-server -- Multiple input validation failures in X server extensions
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:N/C:P/I:P/A:P) | Aug 25, 2020 | Aug 26, 2020 | Mar 25, 2026 |
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:P/I:P/A:P)
Published
Aug 25, 2020
Added
Aug 26, 2020
Modified
Mar 25, 2026
Description
The X.org project reports: All theses issuses can lead to local privileges elevation on systems where the X server is running privileged. The handler for the XkbSetNames request does not validate the request length before accessing its contents. An integer underflow exists in the handler for the XIChangeHierarchy request. An integer underflow exist in the handler for the XkbSelectEvents request. An integer underflow exist in the handler for the CreateRegister request of the X record extension.
Solutions
freebsd-upgrade-package-xorg-serverfreebsd-upgrade-package-xephyrfreebsd-upgrade-package-xorg-vfbserverfreebsd-upgrade-package-xorg-nestserverfreebsd-upgrade-package-xwaylandfreebsd-upgrade-package-xorg-dmx
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.