Fluid Attacks Database

Description

A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
alpine v3.12	xorg-server	=1.10.0-r0 \|\| =1.10.0.901-r0 \|\| =1.10.0.902-r0 \|\| =1.10.1-r0 \|\| =1.10.1-r1 \|\| =1.10.2-r0 \|\| =1.10.3-r0 \|\| =1.10.4-r0 \|\| =1.11.0-r0 \|\| =1.11.1-r0 \|\| =1.11.1-r1 \|\| =1.11.1.902-r0 \|\| =1.11.2-r0 \|\| =1.11.3-r0 \|\| =1.11.4-r0 \|\| =1.11.4-r1 \|\| =1.12.0-r0 \|\| =1.12.1-r0 \|\| =1.12.1-r1 \|\| =1.12.1.902-r0 \|\| =1.12.2-r0 \|\| =1.12.3-r0 \|\| =1.12.4-r0 \|\| =1.13.0-r0 \|\| =1.13.1-r0 \|\| =1.13.2-r0 \|\| =1.13.2-r1 \|\| =1.13.2-r2 \|\| =1.14.0-r0 \|\| =1.14.0-r1 \|\| =1.14.1-r0 \|\| =1.14.2-r0 \|\| =1.14.3-r0 \|\| =1.14.4-r0 \|\| =1.14.5-r0 \|\| =1.15.0-r0 \|\| =1.15.0-r1 \|\| =1.15.1-r0 \|\| =1.15.2-r0 \|\| =1.16.0-r0 \|\| =1.16.0-r1 \|\| =1.16.0-r2 \|\| =1.16.1-r0 \|\| =1.16.2-r0 \|\| =1.16.2.901-r0 \|\| =1.16.3-r0 \|\| =1.17.1-r0 \|\| =1.17.1-r1 \|\| =1.17.1-r2 \|\| =1.17.1-r3 \|\| =1.17.2-r0 \|\| =1.17.2-r1 \|\| =1.17.2-r2 \|\| =1.17.3-r0 \|\| =1.17.4-r0 \|\| =1.17.4-r1 \|\| =1.18.0-r0 \|\| =1.18.1-r0 \|\| =1.18.2-r0 \|\| =1.18.3-r0 \|\| =1.18.4-r0 \|\| =1.18.4-r1 \|\| =1.18.4-r2 \|\| =1.18.4-r3 \|\| =1.18.4-r4 \|\| =1.19.3-r0 \|\| =1.19.3-r1 \|\| =1.19.3-r2 \|\| =1.19.3-r3 \|\| =1.19.3-r4 \|\| =1.19.5-r0 \|\| =1.19.6-r0 \|\| =1.19.6-r1 \|\| =1.19.6-r2 \|\| =1.19.6-r3 \|\| =1.20.0-r0 \|\| =1.20.1-r0 \|\| =1.20.3-r0 \|\| =1.20.3-r1 \|\| =1.20.4-r0 \|\| =1.20.5-r0 \|\| =1.20.6-r0 \|\| =1.20.6-r1 \|\| =1.20.6-r2 \|\| =1.20.7-r0 \|\| =1.20.7-r1 \|\| =1.20.7-r2 \|\| =1.20.7-r3 \|\| =1.20.7-r4 \|\| =1.20.7-r5 \|\| =1.20.8-r0 \|\| =1.20.8-r1 \|\| =1.20.8-r2 \|\| =1.20.8-r3 \|\| =1.6.0-r0 \|\| =1.6.0-r1 \|\| =1.6.0-r2 \|\| =1.6.0-r3 \|\| =1.6.0-r4 \|\| =1.6.1-r0 \|\| =1.6.1-r1 \|\| =1.6.1-r2 \|\| =1.6.1-r3 \|\| =1.6.2-r0 \|\| =1.6.2-r1 \|\| =1.6.3-r0 \|\| =1.6.3-r1 \|\| =1.7.0.901-r1 \|\| =1.7.1-r0 \|\| =1.7.3.901-r0 \|\| =1.7.3.902-r0 \|\| =1.7.4.901-r0 \|\| =1.7.6-r0 \|\| =1.7.6-r1 \|\| =1.7.6-r2 \|\| =1.7.7-r0 \|\| =1.7.7-r1 \|\| =1.9.0-r0 \|\| =1.9.0-r1 \|\| =1.9.0.901-r0 \|\| =1.9.1-r0 \|\| =1.9.2-r0 \|\| =1.9.3-r0 \|\| =1.9.3.901-r0 \|\| =1.9.3.902-r0 \|\| =1.9.4-r0 \|\| =1.9.4-r1 \|\| >=0 <1.20.9-r0	1.20.9-r0
debian 13	xorg-server	>=0 <2:1.20.9-1	2:1.20.9-1
alpine v3.10	xorg-server	=1.10.0-r0 \|\| =1.10.0.901-r0 \|\| =1.10.0.902-r0 \|\| =1.10.1-r0 \|\| =1.10.1-r1 \|\| =1.10.2-r0 \|\| =1.10.3-r0 \|\| =1.10.4-r0 \|\| =1.11.0-r0 \|\| =1.11.1-r0 \|\| =1.11.1-r1 \|\| =1.11.1.902-r0 \|\| =1.11.2-r0 \|\| =1.11.3-r0 \|\| =1.11.4-r0 \|\| =1.11.4-r1 \|\| =1.12.0-r0 \|\| =1.12.1-r0 \|\| =1.12.1-r1 \|\| =1.12.1.902-r0 \|\| =1.12.2-r0 \|\| =1.12.3-r0 \|\| =1.12.4-r0 \|\| =1.13.0-r0 \|\| =1.13.1-r0 \|\| =1.13.2-r0 \|\| =1.13.2-r1 \|\| =1.13.2-r2 \|\| =1.14.0-r0 \|\| =1.14.0-r1 \|\| =1.14.1-r0 \|\| =1.14.2-r0 \|\| =1.14.3-r0 \|\| =1.14.4-r0 \|\| =1.14.5-r0 \|\| =1.15.0-r0 \|\| =1.15.0-r1 \|\| =1.15.1-r0 \|\| =1.15.2-r0 \|\| =1.16.0-r0 \|\| =1.16.0-r1 \|\| =1.16.0-r2 \|\| =1.16.1-r0 \|\| =1.16.2-r0 \|\| =1.16.2.901-r0 \|\| =1.16.3-r0 \|\| =1.17.1-r0 \|\| =1.17.1-r1 \|\| =1.17.1-r2 \|\| =1.17.1-r3 \|\| =1.17.2-r0 \|\| =1.17.2-r1 \|\| =1.17.2-r2 \|\| =1.17.3-r0 \|\| =1.17.4-r0 \|\| =1.17.4-r1 \|\| =1.18.0-r0 \|\| =1.18.1-r0 \|\| =1.18.2-r0 \|\| =1.18.3-r0 \|\| =1.18.4-r0 \|\| =1.18.4-r1 \|\| =1.18.4-r2 \|\| =1.18.4-r3 \|\| =1.18.4-r4 \|\| =1.19.3-r0 \|\| =1.19.3-r1 \|\| =1.19.3-r2 \|\| =1.19.3-r3 \|\| =1.19.3-r4 \|\| =1.19.5-r0 \|\| =1.19.6-r0 \|\| =1.19.6-r1 \|\| =1.19.6-r2 \|\| =1.19.6-r3 \|\| =1.20.0-r0 \|\| =1.20.1-r0 \|\| =1.20.3-r0 \|\| =1.20.3-r1 \|\| =1.20.4-r0 \|\| =1.20.5-r0 \|\| =1.20.5-r1 \|\| =1.6.0-r0 \|\| =1.6.0-r1 \|\| =1.6.0-r2 \|\| =1.6.0-r3 \|\| =1.6.0-r4 \|\| =1.6.1-r0 \|\| =1.6.1-r1 \|\| =1.6.1-r2 \|\| =1.6.1-r3 \|\| =1.6.2-r0 \|\| =1.6.2-r1 \|\| =1.6.3-r0 \|\| =1.6.3-r1 \|\| =1.7.0.901-r1 \|\| =1.7.1-r0 \|\| =1.7.3.901-r0 \|\| =1.7.3.902-r0 \|\| =1.7.4.901-r0 \|\| =1.7.6-r0 \|\| =1.7.6-r1 \|\| =1.7.6-r2 \|\| =1.7.7-r0 \|\| =1.7.7-r1 \|\| =1.9.0-r0 \|\| =1.9.0-r1 \|\| =1.9.0.901-r0 \|\| =1.9.1-r0 \|\| =1.9.2-r0 \|\| =1.9.3-r0 \|\| =1.9.3.901-r0 \|\| =1.9.3.902-r0 \|\| =1.9.4-r0 \|\| =1.9.4-r1 \|\| >=0 <1.20.5-r2	1.20.5-r2
alpine v3.9	xorg-server	=1.10.0-r0 \|\| =1.10.0.901-r0 \|\| =1.10.0.902-r0 \|\| =1.10.1-r0 \|\| =1.10.1-r1 \|\| =1.10.2-r0 \|\| =1.10.3-r0 \|\| =1.10.4-r0 \|\| =1.11.0-r0 \|\| =1.11.1-r0 \|\| =1.11.1-r1 \|\| =1.11.1.902-r0 \|\| =1.11.2-r0 \|\| =1.11.3-r0 \|\| =1.11.4-r0 \|\| =1.11.4-r1 \|\| =1.12.0-r0 \|\| =1.12.1-r0 \|\| =1.12.1-r1 \|\| =1.12.1.902-r0 \|\| =1.12.2-r0 \|\| =1.12.3-r0 \|\| =1.12.4-r0 \|\| =1.13.0-r0 \|\| =1.13.1-r0 \|\| =1.13.2-r0 \|\| =1.13.2-r1 \|\| =1.13.2-r2 \|\| =1.14.0-r0 \|\| =1.14.0-r1 \|\| =1.14.1-r0 \|\| =1.14.2-r0 \|\| =1.14.3-r0 \|\| =1.14.4-r0 \|\| =1.14.5-r0 \|\| =1.15.0-r0 \|\| =1.15.0-r1 \|\| =1.15.1-r0 \|\| =1.15.2-r0 \|\| =1.16.0-r0 \|\| =1.16.0-r1 \|\| =1.16.0-r2 \|\| =1.16.1-r0 \|\| =1.16.2-r0 \|\| =1.16.2.901-r0 \|\| =1.16.3-r0 \|\| =1.17.1-r0 \|\| =1.17.1-r1 \|\| =1.17.1-r2 \|\| =1.17.1-r3 \|\| =1.17.2-r0 \|\| =1.17.2-r1 \|\| =1.17.2-r2 \|\| =1.17.3-r0 \|\| =1.17.4-r0 \|\| =1.17.4-r1 \|\| =1.18.0-r0 \|\| =1.18.1-r0 \|\| =1.18.2-r0 \|\| =1.18.3-r0 \|\| =1.18.4-r0 \|\| =1.18.4-r1 \|\| =1.18.4-r2 \|\| =1.18.4-r3 \|\| =1.18.4-r4 \|\| =1.19.3-r0 \|\| =1.19.3-r1 \|\| =1.19.3-r2 \|\| =1.19.3-r3 \|\| =1.19.3-r4 \|\| =1.19.5-r0 \|\| =1.19.6-r0 \|\| =1.19.6-r1 \|\| =1.19.6-r2 \|\| =1.19.6-r3 \|\| =1.20.0-r0 \|\| =1.20.1-r0 \|\| =1.20.3-r0 \|\| =1.20.3-r1 \|\| =1.6.0-r0 \|\| =1.6.0-r1 \|\| =1.6.0-r2 \|\| =1.6.0-r3 \|\| =1.6.0-r4 \|\| =1.6.1-r0 \|\| =1.6.1-r1 \|\| =1.6.1-r2 \|\| =1.6.1-r3 \|\| =1.6.2-r0 \|\| =1.6.2-r1 \|\| =1.6.3-r0 \|\| =1.6.3-r1 \|\| =1.7.0.901-r1 \|\| =1.7.1-r0 \|\| =1.7.3.901-r0 \|\| =1.7.3.902-r0 \|\| =1.7.4.901-r0 \|\| =1.7.6-r0 \|\| =1.7.6-r1 \|\| =1.7.6-r2 \|\| =1.7.7-r0 \|\| =1.7.7-r1 \|\| =1.9.0-r0 \|\| =1.9.0-r1 \|\| =1.9.0.901-r0 \|\| =1.9.1-r0 \|\| =1.9.2-r0 \|\| =1.9.3-r0 \|\| =1.9.3.901-r0 \|\| =1.9.3.902-r0 \|\| =1.9.4-r0 \|\| =1.9.4-r1 \|\| >=0 <1.20.3-r2	1.20.3-r2
debian 14	xorg-server	>=0 <2:1.20.9-1	2:1.20.9-1
alpine v3.11	xorg-server	=1.10.0-r0 \|\| =1.10.0.901-r0 \|\| =1.10.0.902-r0 \|\| =1.10.1-r0 \|\| =1.10.1-r1 \|\| =1.10.2-r0 \|\| =1.10.3-r0 \|\| =1.10.4-r0 \|\| =1.11.0-r0 \|\| =1.11.1-r0 \|\| =1.11.1-r1 \|\| =1.11.1.902-r0 \|\| =1.11.2-r0 \|\| =1.11.3-r0 \|\| =1.11.4-r0 \|\| =1.11.4-r1 \|\| =1.12.0-r0 \|\| =1.12.1-r0 \|\| =1.12.1-r1 \|\| =1.12.1.902-r0 \|\| =1.12.2-r0 \|\| =1.12.3-r0 \|\| =1.12.4-r0 \|\| =1.13.0-r0 \|\| =1.13.1-r0 \|\| =1.13.2-r0 \|\| =1.13.2-r1 \|\| =1.13.2-r2 \|\| =1.14.0-r0 \|\| =1.14.0-r1 \|\| =1.14.1-r0 \|\| =1.14.2-r0 \|\| =1.14.3-r0 \|\| =1.14.4-r0 \|\| =1.14.5-r0 \|\| =1.15.0-r0 \|\| =1.15.0-r1 \|\| =1.15.1-r0 \|\| =1.15.2-r0 \|\| =1.16.0-r0 \|\| =1.16.0-r1 \|\| =1.16.0-r2 \|\| =1.16.1-r0 \|\| =1.16.2-r0 \|\| =1.16.2.901-r0 \|\| =1.16.3-r0 \|\| =1.17.1-r0 \|\| =1.17.1-r1 \|\| =1.17.1-r2 \|\| =1.17.1-r3 \|\| =1.17.2-r0 \|\| =1.17.2-r1 \|\| =1.17.2-r2 \|\| =1.17.3-r0 \|\| =1.17.4-r0 \|\| =1.17.4-r1 \|\| =1.18.0-r0 \|\| =1.18.1-r0 \|\| =1.18.2-r0 \|\| =1.18.3-r0 \|\| =1.18.4-r0 \|\| =1.18.4-r1 \|\| =1.18.4-r2 \|\| =1.18.4-r3 \|\| =1.18.4-r4 \|\| =1.19.3-r0 \|\| =1.19.3-r1 \|\| =1.19.3-r2 \|\| =1.19.3-r3 \|\| =1.19.3-r4 \|\| =1.19.5-r0 \|\| =1.19.6-r0 \|\| =1.19.6-r1 \|\| =1.19.6-r2 \|\| =1.19.6-r3 \|\| =1.20.0-r0 \|\| =1.20.1-r0 \|\| =1.20.3-r0 \|\| =1.20.3-r1 \|\| =1.20.4-r0 \|\| =1.20.5-r0 \|\| =1.20.6-r0 \|\| =1.20.6-r1 \|\| =1.6.0-r0 \|\| =1.6.0-r1 \|\| =1.6.0-r2 \|\| =1.6.0-r3 \|\| =1.6.0-r4 \|\| =1.6.1-r0 \|\| =1.6.1-r1 \|\| =1.6.1-r2 \|\| =1.6.1-r3 \|\| =1.6.2-r0 \|\| =1.6.2-r1 \|\| =1.6.3-r0 \|\| =1.6.3-r1 \|\| =1.7.0.901-r1 \|\| =1.7.1-r0 \|\| =1.7.3.901-r0 \|\| =1.7.3.902-r0 \|\| =1.7.4.901-r0 \|\| =1.7.6-r0 \|\| =1.7.6-r1 \|\| =1.7.6-r2 \|\| =1.7.7-r0 \|\| =1.7.7-r1 \|\| =1.9.0-r0 \|\| =1.9.0-r1 \|\| =1.9.0.901-r0 \|\| =1.9.1-r0 \|\| =1.9.2-r0 \|\| =1.9.3-r0 \|\| =1.9.3.901-r0 \|\| =1.9.3.902-r0 \|\| =1.9.4-r0 \|\| =1.9.4-r1 \|\| >=0 <1.20.6-r2	1.20.6-r2
debian 12	xorg-server	>=0 <2:1.20.9-1	2:1.20.9-1
debian 11	xorg-server	>=0 <2:1.20.9-1	2:1.20.9-1
rpm rhel8	egl-wayland	<0:1.1.5-3.el8	0:1.1.5-3.el8
rpm rhel8	libglvnd	<1:1.3.2-1.el8	1:1.3.2-1.el8

1-10 of 20

Aliases

1. CVE-2020-143462. NVD-2020-143463. OSV-ALPINE-2020-143464. OSV-2020-143465. OSV-DEBIAN-2020-143466. SECURITY-CVE-2020-143467. SECURITY-TRACKER-CVE-2020-14346

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.