Allocation for pixmap data in AllocatePixmap() does not initialize the memory in xserver, it leads to leak uninitialize heap memory to clients. When the X server runs with elevated privileges, this can lead to privilege elevation in the client.
Acknowledgments: Name: X.org project Upstream: Jan-Niklas Sohn (Trend Micro Zero Day Initiative)
Public via: https://www.openwall.com/lists/oss-security/2020/07/31/2
Created xorg-x11-server tracking bugs for this issue: Affects: fedora-all [bug 1862517]
External References: https://lists.x.org/archives/xorg-announce/2020-July/003051.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:5408 https://access.redhat.com/errata/RHSA-2020:5408
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-14347
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:1804 https://access.redhat.com/errata/RHSA-2021:1804