{"id":"MGASA-2020-0456","summary":"Updated x11-server packages fix security vulnerabilities","details":"A flaw was found in the X.Org Server. An out-of-bounds access in the XkbSetMap\nfunction may lead to a privilege escalation vulnerability. The highest threat\nfrom this vulnerability is to data confidentiality and integrity as well as\nsystem availability (CVE-2020-14360).\n\nA flaw was found in xorg-x11-server. A heap-buffer overflow in XkbSetDeviceInfo\nmay lead to a privilege escalation vulnerability. The highest threat from this\nvulnerability is to data confidentiality and integrity as well as system\navailability (CVE-2020-25712).\n\nThe x11-server package has been updated to version 1.20.10, fixing these issues\nand other bugs.\n","modified":"2026-04-16T00:10:40.333733592Z","published":"2020-12-17T13:10:41Z","upstream":["CVE-2020-14360","CVE-2020-25712"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2020-0456.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=27701"},{"type":"WEB","url":"https://lists.x.org/archives/xorg-announce/2020-December/003066.html"},{"type":"WEB","url":"https://lists.x.org/archives/xorg-announce/2020-December/003067.html"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/6NULSZT4JH6WPRE73VQI4A42OU32HKTH/"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-4656-1"}],"affected":[{"package":{"name":"x11-server","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/x11-server?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.20.10-1.1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0456.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}