Medium severity6.7NVD Advisory· Published Aug 5, 2020· Updated Jun 17, 2026
CVE-2020-14344
CVE-2020-14344
Description
An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setuid programs call XIM client functions while running with elevated privileges. No such programs are shipped with Red Hat Enterprise Linux.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
73- osv-coords71 versionspkg:rpm/almalinux/libglvndpkg:rpm/almalinux/libglvnd-core-develpkg:rpm/almalinux/libglvnd-develpkg:rpm/almalinux/libglvnd-eglpkg:rpm/almalinux/libglvnd-glespkg:rpm/almalinux/libglvnd-glxpkg:rpm/almalinux/libglvnd-openglpkg:rpm/almalinux/libinput-develpkg:rpm/almalinux/libwacom-develpkg:rpm/almalinux/mesa-libgbm-develpkg:rpm/almalinux/mesa-libOSMesa-develpkg:rpm/almalinux/xorg-x11-driverspkg:rpm/almalinux/xorg-x11-server-develpkg:rpm/almalinux/xorg-x11-server-sourcepkg:rpm/opensuse/libX11&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/libX11&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/libX11&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/libxcb&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/libxcb&distro=openSUSE%20Leap%2015.2pkg:rpm/suse/libX11&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/libX11&distro=SUSE%20Enterprise%20Storage%205pkg:rpm/suse/libX11&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/libX11&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/libX11&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1pkg:rpm/suse/libX11&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/libX11&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/libX11&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/libX11&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/libX11&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSSpkg:rpm/suse/libX11&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSSpkg:rpm/suse/libX11&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/libX11&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSSpkg:rpm/suse/libX11&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/libX11&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/libX11&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/libX11&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/libX11&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015pkg:rpm/suse/libX11&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/libX11&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/libX11&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/libX11&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/libX11&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/libX11&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/libxcb&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/libxcb&distro=SUSE%20Enterprise%20Storage%205pkg:rpm/suse/libxcb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/libxcb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/libxcb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1pkg:rpm/suse/libxcb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/libxcb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP1pkg:rpm/suse/libxcb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP2pkg:rpm/suse/libxcb&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/libxcb&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/libxcb&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/libxcb&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSSpkg:rpm/suse/libxcb&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSSpkg:rpm/suse/libxcb&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/libxcb&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSSpkg:rpm/suse/libxcb&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/libxcb&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/libxcb&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/libxcb&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/libxcb&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015pkg:rpm/suse/libxcb&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/libxcb&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/libxcb&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/libxcb&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/libxcb&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/libxcb&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/xorg-x11-libX11&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/xorg-x11-libX11&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
< 1:1.3.2-1.el8+ 70 more
- (no CPE)range: < 1:1.3.2-1.el8
- (no CPE)range: < 1:1.3.2-1.el8
- (no CPE)range: < 1:1.3.2-1.el8
- (no CPE)range: < 1:1.3.2-1.el8
- (no CPE)range: < 1:1.3.2-1.el8
- (no CPE)range: < 1:1.3.2-1.el8
- (no CPE)range: < 1:1.3.2-1.el8
- (no CPE)range: < 1.16.3-1.el8
- (no CPE)range: < 1.6-2.el8
- (no CPE)range: < 20.3.3-2.el8
- (no CPE)range: < 20.3.3-2.el8
- (no CPE)range: < 7.7-30.el8
- (no CPE)range: < 1.20.10-1.el8
- (no CPE)range: < 1.20.10-1.el8
- (no CPE)range: < 1.6.5-lp151.4.3.1
- (no CPE)range: < 1.6.5-lp152.5.3.1
- (no CPE)range: < 1.7.2-1.2
- (no CPE)range: < 1.13-lp151.4.3.1
- (no CPE)range: < 1.13-lp152.5.3.1
- (no CPE)range: < 1.6.2-12.8.1
- (no CPE)range: < 1.6.2-12.8.1
- (no CPE)range: < 1.6.5-3.6.2
- (no CPE)range: < 1.6.5-3.6.2
- (no CPE)range: < 1.6.5-3.6.2
- (no CPE)range: < 1.6.5-3.6.2
- (no CPE)range: < 1.6.2-12.8.1
- (no CPE)range: < 1.6.2-12.8.1
- (no CPE)range: < 1.6.2-12.8.1
- (no CPE)range: < 1.6.2-12.8.1
- (no CPE)range: < 1.6.2-12.8.1
- (no CPE)range: < 1.6.2-12.8.1
- (no CPE)range: < 1.6.5-3.6.2
- (no CPE)range: < 1.6.2-12.8.1
- (no CPE)range: < 1.6.2-12.8.1
- (no CPE)range: < 1.6.2-12.8.1
- (no CPE)range: < 1.6.2-12.8.1
- (no CPE)range: < 1.6.5-3.6.2
- (no CPE)range: < 1.6.2-12.8.1
- (no CPE)range: < 1.6.2-12.8.1
- (no CPE)range: < 1.6.2-12.8.1
- (no CPE)range: < 1.6.2-12.8.1
- (no CPE)range: < 1.6.2-12.8.1
- (no CPE)range: < 1.6.2-12.8.1
- (no CPE)range: < 1.10-4.5.1
- (no CPE)range: < 1.10-4.5.1
- (no CPE)range: < 1.13-3.5.1
- (no CPE)range: < 1.13-3.5.1
- (no CPE)range: < 1.13-3.5.1
- (no CPE)range: < 1.13-3.5.1
- (no CPE)range: < 1.13-3.5.1
- (no CPE)range: < 1.13-3.5.1
- (no CPE)range: < 1.10-4.5.1
- (no CPE)range: < 1.10-4.5.1
- (no CPE)range: < 1.10-4.5.1
- (no CPE)range: < 1.10-4.5.1
- (no CPE)range: < 1.10-4.5.1
- (no CPE)range: < 1.10-4.5.1
- (no CPE)range: < 1.13-3.5.1
- (no CPE)range: < 1.10-4.5.1
- (no CPE)range: < 1.10-4.5.1
- (no CPE)range: < 1.10-4.5.1
- (no CPE)range: < 1.10-4.5.1
- (no CPE)range: < 1.13-3.5.1
- (no CPE)range: < 1.10-4.5.1
- (no CPE)range: < 1.10-4.5.1
- (no CPE)range: < 1.10-4.5.1
- (no CPE)range: < 1.10-4.5.1
- (no CPE)range: < 1.10-4.5.1
- (no CPE)range: < 1.10-4.5.1
- (no CPE)range: < 7.4-5.11.72.15.1
- (no CPE)range: < 7.4-5.11.72.15.1
- The X11 Project/libX11v5Range: 1.6.10
Patches
Vulnerability mechanics
References
13- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- lists.x.org/archives/xorg-announce/2020-July/003050.htmlnvdMailing ListPatchVendor Advisory
- www.openwall.com/lists/oss-security/2020/07/31/1nvdMailing ListPatchThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2020-08/msg00014.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2020-08/msg00015.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2020-08/msg00024.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2020-08/msg00031.htmlnvdMailing ListThird Party Advisory
- security.gentoo.org/glsa/202008-18nvdThird Party Advisory
- usn.ubuntu.com/4487-1/nvdThird Party Advisory
- usn.ubuntu.com/4487-2/nvdThird Party Advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4VDDSAYV7XGNRCXE7HCU23645MG74OFF/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7AVXCQOSCAPKYYHFIJAZ6E2C7LJBTLXF/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XY4H2SIEF2362AMNX5ZKWAELGU7LKFJB/nvd
News mentions
0No linked articles in our index yet.