漏洞信息详情

X.Org X Server 信息泄露漏洞

  • CNNVD编号:CNNVD-202007-1895
  • 危害等级: 中危
  • CVE编号: CVE-2020-14347
  • 漏洞类型: 信息泄露
  • 发布时间: 2020-07-31
  • 威胁类型: 本地
  • 更新时间: 2021-08-12
  • 厂        商:
  • 漏洞来源: Red Hat

漏洞简介

X.Org X Server是X.Org基金会的一款X Window系统显示服务器。

X.Org X Server 1.20.9之前版本中存在信息泄露漏洞,该漏洞源于程序没有正确初始化xserver内存。攻击者可利用该漏洞泄露服务器内存或可能绕过ASLR。

漏洞公告

目前厂商已发布升级补丁以修复漏洞,补丁获取链接:

https://gitlab.freedesktop.org/xorg/xserver

参考网址

来源:CONFIRM

链接:https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14347

来源:DEBIAN

链接:https://www.debian.org/security/2020/dsa-4758

来源:SUSE

链接:http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00066.html

来源:UBUNTU

链接:https://usn.ubuntu.com/4488-2/

来源:MISC

链接:https://lists.x.org/archives/xorg-announce/2020-July/003051.html

来源:UBUNTU

链接:https://usn.ubuntu.com/4488-1/

来源:MLIST

链接:https://lists.debian.org/debian-lts-announce/2020/08/msg00057.html

来源:GENTOO

链接:https://security.gentoo.org/glsa/202012-01

来源:MISC

链接:https://www.openwall.com/lists/oss-security/2020/07/31/2

来源:SUSE

链接:http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00075.html

来源:www.cybersecurity-help.cz

链接:https://www.cybersecurity-help.cz/vdb/SB2021052203

来源:www.nsfocus.net

链接:http://www.nsfocus.net/vulndb/47726

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.3018/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/159047/Ubuntu-Security-Notice-USN-4488-1.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.1866

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.1711

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.1820

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.2711

来源:www.zerodayinitiative.com

链接:https://www.zerodayinitiative.com/advisories/ZDI-20-934/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.2983/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/162655/Red-Hat-Security-Advisory-2021-1804-01.html

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/162837/Red-Hat-Security-Advisory-2021-2136-01.html

来源:nvd.nist.gov

链接:https://nvd.nist.gov/vuln/detail/CVE-2020-14347

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.3050/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/160374/Gentoo-Linux-Security-Advisory-202012-01.html

来源:access.redhat.com

链接:https://access.redhat.com/security/cve/cve-2020-14347

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.4414/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.2914/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.2958/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.2905/

来源:vigilance.fr

链接:https://vigilance.fr/vulnerability/X-Org-Xserver-information-disclosure-via-AllocatePixmap-32990

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.3104/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/160488/Red-Hat-Security-Advisory-2020-5408-01.html

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/159118/Ubuntu-Security-Notice-USN-4488-2.html

受影响实体

    暂无


补丁


漏洞信息快速查询

漏洞名称:
漏洞编号:
发布时间 从:
到:
  搜索 重置

相关漏洞

更多

数据文件