Security Bulletin
This security bulletin contains information about 9 vulnerabilities.
EUVDB-ID: #VU41865
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-14344
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to an integer overflow, leading to a heap-based buffer overflow, in the X Input Method (XIM) client implemented in libX11. A local user can run a specially crafted program, or point a program that uses the XIM client at an input method server under the user's control, to trigger the overflow. Upstream considers this security-relevant when a setuid program calls XIM client functions while running with elevated privileges; in that case the local user can execute arbitrary code on the system with those privileges.
Mitigation
Install updates from vendor's website.
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
xorg-x11-server (Red Hat package): before 1.20.10-1.el8
xorg-x11-drivers (Red Hat package): before 7.7-30.el8
mesa (Red Hat package): before 20.3.3-2.el8
libwacom (Red Hat package): before 1.6-2.el8
libinput (Red Hat package): before 1.16.3-1.el8
libglvnd (Red Hat package): before 1.3.2-1.el8
libdrm (Red Hat package): before 2.4.103-1.el8
libX11 (Red Hat package): before 1.6.8-4.el8
egl-wayland (Red Hat package): before 1.1.5-3.el8
External links
http://access.redhat.com/errata/RHSA-2021:1804
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU46028
Risk: Low
CVSSv3.1: 2.5 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-14345
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to an out-of-bounds access in the X server's handler for XkbSetNames requests (xorg-x11-server). A local user with a connection to the X server can send a specially crafted XkbSetNames request to trigger an out-of-bounds read and read the contents of X server memory.
Mitigation
Install updates from vendor's website.
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
xorg-x11-server (Red Hat package): before 1.20.10-1.el8
xorg-x11-drivers (Red Hat package): before 7.7-30.el8
mesa (Red Hat package): before 20.3.3-2.el8
libwacom (Red Hat package): before 1.6-2.el8
libinput (Red Hat package): before 1.16.3-1.el8
libglvnd (Red Hat package): before 1.3.2-1.el8
libdrm (Red Hat package): before 2.4.103-1.el8
libX11 (Red Hat package): before 1.6.8-4.el8
egl-wayland (Red Hat package): before 1.1.5-3.el8
External links
http://access.redhat.com/errata/RHSA-2021:1804
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU46029
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-14346
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to an integer underflow in the X server's XIChangeHierarchy() function (XInput extension, xorg-x11-server). A local user with a connection to the X server can send a specially crafted XIChangeHierarchy request to trigger the underflow and execute arbitrary code on the target system with the elevated privileges of the X server process.
Mitigation
Install updates from vendor's website.
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
xorg-x11-server (Red Hat package): before 1.20.10-1.el8
xorg-x11-drivers (Red Hat package): before 7.7-30.el8
mesa (Red Hat package): before 20.3.3-2.el8
libwacom (Red Hat package): before 1.6-2.el8
libinput (Red Hat package): before 1.16.3-1.el8
libglvnd (Red Hat package): before 1.3.2-1.el8
libdrm (Red Hat package): before 2.4.103-1.el8
libX11 (Red Hat package): before 1.6.8-4.el8
egl-wayland (Red Hat package): before 1.1.5-3.el8
External links
http://access.redhat.com/errata/RHSA-2021:1804
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU45684
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-14347
CWE-ID:
CWE-665 - Improper Initialization
Exploit availability: No
Description
The vulnerability allows a local authenticated user to gain access to sensitive information.
The vulnerability exists because the X server does not properly initialize memory that is later returned to X clients. This can leak parts of server memory to a local X client. In cases where the Xorg server runs with elevated privileges, the leaked contents can be used to bypass ASLR. Xorg-server before version 1.20.9 is vulnerable.
Mitigation
Install updates from vendor's website.
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
xorg-x11-server (Red Hat package): before 1.20.10-1.el8
xorg-x11-drivers (Red Hat package): before 7.7-30.el8
mesa (Red Hat package): before 20.3.3-2.el8
libwacom (Red Hat package): before 1.6-2.el8
libinput (Red Hat package): before 1.16.3-1.el8
libglvnd (Red Hat package): before 1.3.2-1.el8
libdrm (Red Hat package): before 2.4.103-1.el8
libX11 (Red Hat package): before 1.6.8-4.el8
egl-wayland (Red Hat package): before 1.1.5-3.el8
External links
http://access.redhat.com/errata/RHSA-2021:1804
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU48758
Risk: Low
CVSSv3.1: 3.3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-14360
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to an out-of-bounds read in the X server's handling of XkbSetMap requests (xorg-x11-server). A local user with a connection to the X server can send a specially crafted XkbSetMap request to trigger the out-of-bounds read and read the contents of X server memory.
Mitigation
Install updates from vendor's website.
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
xorg-x11-server (Red Hat package): before 1.20.10-1.el8
xorg-x11-drivers (Red Hat package): before 7.7-30.el8
mesa (Red Hat package): before 20.3.3-2.el8
libwacom (Red Hat package): before 1.6-2.el8
libinput (Red Hat package): before 1.16.3-1.el8
libglvnd (Red Hat package): before 1.3.2-1.el8
libdrm (Red Hat package): before 2.4.103-1.el8
libX11 (Red Hat package): before 1.6.8-4.el8
egl-wayland (Red Hat package): before 1.1.5-3.el8
External links
http://access.redhat.com/errata/RHSA-2021:1804
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU46030
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-14361
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to an integer underflow in the X server's XkbSelectEvents() function (XKB extension, xorg-x11-server). A local user with a connection to the X server can send a specially crafted XkbSelectEvents request to trigger the underflow and execute arbitrary code on the target system with the elevated privileges of the X server process.
Mitigation
Install updates from vendor's website.
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
xorg-x11-server (Red Hat package): before 1.20.10-1.el8
xorg-x11-drivers (Red Hat package): before 7.7-30.el8
mesa (Red Hat package): before 20.3.3-2.el8
libwacom (Red Hat package): before 1.6-2.el8
libinput (Red Hat package): before 1.16.3-1.el8
libglvnd (Red Hat package): before 1.3.2-1.el8
libdrm (Red Hat package): before 2.4.103-1.el8
libX11 (Red Hat package): before 1.6.8-4.el8
egl-wayland (Red Hat package): before 1.1.5-3.el8
External links
http://access.redhat.com/errata/RHSA-2021:1804
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU46031
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-14362
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to an integer underflow in the X server's XRecordRegisterClients() function (RECORD extension, xorg-x11-server). A local user with a connection to the X server can send a specially crafted XRecordRegisterClients request to trigger the underflow and execute arbitrary code on the target system with the elevated privileges of the X server process.
Mitigation
Install updates from vendor's website.
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
xorg-x11-server (Red Hat package): before 1.20.10-1.el8
xorg-x11-drivers (Red Hat package): before 7.7-30.el8
mesa (Red Hat package): before 20.3.3-2.el8
libwacom (Red Hat package): before 1.6-2.el8
libinput (Red Hat package): before 1.16.3-1.el8
libglvnd (Red Hat package): before 1.3.2-1.el8
libdrm (Red Hat package): before 2.4.103-1.el8
libX11 (Red Hat package): before 1.6.8-4.el8
egl-wayland (Red Hat package): before 1.1.5-3.el8
External links
http://access.redhat.com/errata/RHSA-2021:1804
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU46027
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-14363
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to an integer overflow that leads to a double free in libX11's locale handling. A local user can run a specially crafted program to trigger the overflow and the subsequent double free, crashing an application built against libX11 or, in some cases, executing arbitrary code on the system with the elevated privileges of that application.
Mitigation
Install updates from vendor's website.
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
xorg-x11-server (Red Hat package): before 1.20.10-1.el8
xorg-x11-drivers (Red Hat package): before 7.7-30.el8
mesa (Red Hat package): before 20.3.3-2.el8
libwacom (Red Hat package): before 1.6-2.el8
libinput (Red Hat package): before 1.16.3-1.el8
libglvnd (Red Hat package): before 1.3.2-1.el8
libdrm (Red Hat package): before 2.4.103-1.el8
libX11 (Red Hat package): before 1.6.8-4.el8
egl-wayland (Red Hat package): before 1.1.5-3.el8
External links
http://access.redhat.com/errata/RHSA-2021:1804
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU48759
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-25712
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in the X server's handling of XkbSetDeviceInfo requests (xorg-x11-server). A local user with a connection to the X server can send a specially crafted XkbSetDeviceInfo request to trigger a heap-based buffer overflow and execute arbitrary code on the target system with the elevated privileges of the X server process.
Mitigation
Install updates from vendor's website.
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
xorg-x11-server (Red Hat package): before 1.20.10-1.el8
xorg-x11-drivers (Red Hat package): before 7.7-30.el8
mesa (Red Hat package): before 20.3.3-2.el8
libwacom (Red Hat package): before 1.6-2.el8
libinput (Red Hat package): before 1.16.3-1.el8
libglvnd (Red Hat package): before 1.3.2-1.el8
libdrm (Red Hat package): before 2.4.103-1.el8
libX11 (Red Hat package): before 1.6.8-4.el8
egl-wayland (Red Hat package): before 1.1.5-3.el8
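The package list above (repeated for each of the nine vulnerabilities) names source packages and the first fixed version-release of each. The following check is an added example and is not code from this bulletin or from Red Hat: it parses that list, reads the output of `rpm -qa --qf '%{NAME} %{SOURCERPM}\n'`, and reports every installed binary package whose source RPM is still older than the fix, using a Python port of rpm's own version comparison so it runs without rpm bindings. The installed-package sample is constructed for illustration; the ordering rules ('~' before everything, '^' before everything except end of string, numeric segments beating alpha segments) follow rpm's rpmvercmp().

```python
r"""Check installed packages against the fixed versions in RHSA-2021:1804.

Added example, not code from the bulletin or from Red Hat. It ports rpm's
rpmvercmp() to Python so the check needs no rpm bindings; feed it the output of
    rpm -qa --qf '%{NAME} %{SOURCERPM}\n'
The advisory lists source packages (libX11, mesa, ...), so each installed binary
package is judged by the version of the source RPM it was built from.
"""
import re
from itertools import zip_longest

# Fixed source packages and versions, copied from the advisory's package list.
ADVISORY_TEXT = """\
xorg-x11-server (Red Hat package): before 1.20.10-1.el8
xorg-x11-drivers (Red Hat package): before 7.7-30.el8
mesa (Red Hat package): before 20.3.3-2.el8
libwacom (Red Hat package): before 1.6-2.el8
libinput (Red Hat package): before 1.16.3-1.el8
libglvnd (Red Hat package): before 1.3.2-1.el8
libdrm (Red Hat package): before 2.4.103-1.el8
libX11 (Red Hat package): before 1.6.8-4.el8
egl-wayland (Red Hat package): before 1.1.5-3.el8
"""

# Constructed sample of the rpm query above: libX11 and the X server are still
# on older builds, mesa already carries the fixed version, bash is unrelated.
SAMPLE_INSTALLED = """\
libX11 libX11-1.6.8-3.el8.src.rpm
libX11-common libX11-1.6.8-3.el8.src.rpm
xorg-x11-server-Xorg xorg-x11-server-1.20.8-6.el8.src.rpm
xorg-x11-server-common xorg-x11-server-1.20.8-6.el8.src.rpm
mesa-libGL mesa-20.3.3-2.el8.src.rpm
bash bash-4.4.20-1.el8_4.src.rpm
"""

_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+|[~^]")  # anything else is a separator

def rpmvercmp(a, b):
    """Port of rpm's rpmvercmp(): -1, 0 or 1 as a is older than, equal to or newer than b."""
    if a == b:
        return 0
    for x, y in zip_longest(_SEGMENT.findall(a), _SEGMENT.findall(b)):
        if x == "~" or y == "~":          # '~' sorts before anything, even end of string
            if x != "~" or y != "~":
                return 1 if x != "~" else -1
            continue
        if x == "^" or y == "^":          # '^' likewise, except end of string sorts before it
            if x is None or y is None:
                return -1 if x is None else 1
            if x != "^" or y != "^":
                return 1 if x != "^" else -1
            continue
        if x is None or y is None:        # leftover segments win
            return -1 if x is None else 1
        if x.isdigit() != y.isdigit():    # a numeric segment beats an alpha segment
            return 1 if x.isdigit() else -1
        if x.isdigit():
            x, y = x.lstrip("0"), y.lstrip("0")
            if len(x) != len(y):          # more digits wins
                return 1 if len(x) > len(y) else -1
        if x != y:
            return 1 if x > y else -1
    return 0

def vrcmp(x, y):
    """Compare 'version-release' strings as rpm orders them (version first, then
    release). Source RPM file names and the advisory list carry no epoch."""
    vx, _, rx = x.rpartition("-")
    vy, _, ry = y.rpartition("-")
    return rpmvercmp(vx, vy) or rpmvercmp(rx, ry)

def parse_srpm(srpm):
    """'name-version-release.src.rpm' -> (name, 'version-release')."""
    name, version, release = re.sub(r"\.(no)?src\.rpm$", "", srpm).rsplit("-", 2)
    return name, f"{version}-{release}"

def parse_advisory(text):
    """Map source package name -> fixed version-release from the bulletin's list."""
    return dict(re.findall(r"^(\S+) \(Red Hat package\): before (\S+)$", text, re.M))

def vulnerable_packages(installed, advisory=ADVISORY_TEXT):
    """Return (binary pkg, source pkg, installed VR, fixed VR) for every installed
    package whose source RPM is older than the advisory's fixed version."""
    fixed = parse_advisory(advisory)
    hits = []
    for line in filter(None, installed.splitlines()):
        pkg, srpm = line.split()
        src, vr = parse_srpm(srpm)
        if src in fixed and vrcmp(vr, fixed[src]) < 0:
            hits.append((pkg, src, vr, fixed[src]))
    return hits

if __name__ == "__main__":
    for pkg, src, have, want in vulnerable_packages(SAMPLE_INSTALLED):
        print(f"{pkg}: built from {src}-{have}, fixed in {src}-{want}")
```

On a real host, replace SAMPLE_INSTALLED with the actual query output; comparing on the source RPM matters because the advisory names libX11 and xorg-x11-server, while the installed binaries are libX11-common, xorg-x11-server-Xorg and similar subpackages that would never match by name alone.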
External links
http://access.redhat.com/errata/RHSA-2021:1804
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.