The X Input Method (XIM) client implementation in libX11 has some integer overflows and signed/unsigned comparison issues that can lead to heap corruption when handling malformed messages from an input method.
This bug is in libX11, not xorg-x11-server.
Acknowledgments:
Name: X.org project
Upstream: Todd Carson
Public via: https://www.openwall.com/lists/oss-security/2020/07/31/1
Created libX11 tracking bugs for this issue:
Affects: fedora-all [bug 1862519]
Created xorg-x11-server tracking bugs for this issue:
Affects: fedora-all [bug 1862518]
External References: https://lists.x.org/archives/xorg-announce/2020-July/003050.html
Upstream patches:
https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/1703b9f3435079d3c6021e1ee2ec34fd4978103d
https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/1a566c9e00e5f35c1f9e7f3d741a02e5170852b2
https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/2fcfcc49f3b1be854bb9085993a01d17c62acf60
https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/388b303c62aa35a245f1704211a023440ad2c488
https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/0e6561efcfaa0ae7b5c74eac7e064b76d687544e
Note: https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/388b303c62aa35a245f1704211a023440ad2c488 introduces a regression which has been fixed via: https://gitlab.freedesktop.org/xorg/lib/libx11/-/merge_requests/40
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-14344
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2021:1804 https://access.redhat.com/errata/RHSA-2021:1804