CVE-2020-25697
Published: 26 May 2021
A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for X11 clients. This flaw allows an attacker to take control of an X application by impersonating the server it is expecting to connect to.
Priority
Low
CVSS 3 base score: 7.0
Notes
| Author | Note |
|---|---|
| mdeslaur | as of 2021-05-19, there is no upstream fix for this issue. This is a long-standing X11 design limitation and is difficult to exploit. We will not be releasing updates for this issue. |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25697
- https://www.openwall.com/lists/oss-security/2020/11/09/3
- NVD
- Launchpad
- Debian