Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 757882 (CVE-2020-14360, CVE-2020-25712) - <x11-base/xorg-server-1.20.10: Multiple vulnerabilities (CVE-2020-{14360,25712})
Summary: <x11-base/xorg-server-1.20.10: Multiple vulnerabilities (CVE-2020-{14360,25712})
Status: RESOLVED FIXED
Alias: CVE-2020-14360, CVE-2020-25712
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major (vote)
Assignee: Gentoo Security
URL:
Whiteboard: A2 [glsa+ cve]
Keywords:
Depends on:
Blocks: CVE-2020-14345, CVE-2020-14346, CVE-2020-14347, CVE-2020-14361, CVE-2020-14362 758461
  Show dependency tree
 
Reported: 2020-12-01 15:22 UTC by Sam James
Modified: 2020-12-31 18:30 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sam James archtester gentoo-dev Security 2020-12-01 15:22:41 UTC
"* CVE-2020-14360 / ZDI CAN 11572 XkbSetMap Out-Of-Bounds Access

Insufficient checks on the lengths of the XkbSetMap request can lead to
out of bounds memory accesses in the X server.

* CVE-2020-25712 / ZDI-CAN-11839 XkbSetDeviceInfo Heap-based Buffer Overflow

Insufficient checks on input of the XkbSetDeviceInfo request can lead
to a buffer overflow on the head in the X server."
Comment 1 Sam James archtester gentoo-dev Security 2020-12-01 15:25:34 UTC
(In reply to Sam James from comment #0)
> "* CVE-2020-14360 / ZDI CAN 11572 XkbSetMap Out-Of-Bounds Access
> 
> Insufficient checks on the lengths of the XkbSetMap request can lead to
> out of bounds memory accesses in the X server.
> 

https://gitlab.freedesktop.org/xorg/xserver/-/commit/446ff2d3177087b8173fa779fa5b77a2a128988b

> * CVE-2020-25712 / ZDI-CAN-11839 XkbSetDeviceInfo Heap-based Buffer Overflow
> 
> Insufficient checks on input of the XkbSetDeviceInfo request can lead
> to a buffer overflow on the head in the X server."

https://gitlab.freedesktop.org/xorg/xserver/-/commit/87c64fc5b0db9f62f4e361444f4b60501ebf67b9

----
1.20.10 coming shortly, which will let us move forward with bug 734976 too.
Comment 2 Sam James archtester gentoo-dev Security 2020-12-02 17:49:25 UTC
Let us know when ready to stable.
Comment 3 Sam James archtester gentoo-dev Security 2020-12-06 17:52:28 UTC
amd64 done
Comment 4 Sam James archtester gentoo-dev Security 2020-12-06 20:41:36 UTC
arm64 done
Comment 5 Thomas Deutschmann gentoo-dev Security 2020-12-06 22:26:40 UTC
Added to an existing GLSA.
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2020-12-07 00:35:50 UTC
This issue was resolved and addressed in
 GLSA 202012-01 at https://security.gentoo.org/glsa/202012-01
by GLSA coordinator Thomas Deutschmann (whissi).
Comment 7 Thomas Deutschmann gentoo-dev Security 2020-12-07 00:36:40 UTC
Re-opening for remaining architectures.
Comment 8 Thomas Deutschmann gentoo-dev Security 2020-12-07 01:41:39 UTC
x86 stable
Comment 9 Sam James archtester gentoo-dev Security 2020-12-07 05:33:15 UTC
arm done
Comment 10 Rolf Eike Beer 2020-12-10 19:24:51 UTC
sparc stable
Comment 11 Sergei Trofimovich gentoo-dev 2020-12-11 23:30:01 UTC
ppc/ppc64 stable
Comment 12 Matt Turner gentoo-dev 2020-12-31 16:52:54 UTC
hppa -> ~hppa

all arches done
Comment 13 Larry the Git Cow gentoo-dev 2020-12-31 16:59:14 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=742cbbb13e8f4b7ae4849311aef7be500c39868a

commit 742cbbb13e8f4b7ae4849311aef7be500c39868a
Author:     Matt Turner <mattst88@gentoo.org>
AuthorDate: 2020-12-31 16:53:24 +0000
Commit:     Matt Turner <mattst88@gentoo.org>
CommitDate: 2020-12-31 16:58:53 +0000

    x11-base/xorg-server: Drop old versions
    
    Bug: https://bugs.gentoo.org/757882
    Signed-off-by: Matt Turner <mattst88@gentoo.org>

 x11-base/xorg-server/Manifest                     |   1 -
 x11-base/xorg-server/metadata.xml                 |   1 -
 x11-base/xorg-server/xorg-server-1.20.8-r1.ebuild | 238 ----------------------
 3 files changed, 240 deletions(-)
Comment 14 John Helmert III gentoo-dev Security 2020-12-31 18:30:06 UTC
Tree is clean, all done!