3a026cd9c1
X.Org security advisory: July 31, 2020 X Server Pixel Data Uninitialized Memory Information Disclosure =============================================================== CVE-2020-14347 Allocation for pixmap data in AllocatePixmap() does not initialize the memory in xserver, it leads to leak uninitialize heap memory to clients. When the X server runs with elevated privileges. This flaw can lead to ASLR bypass, which when combined with other flaws (known/unknown) could lead to lead to privilege elevation in the client.
13 lines
456 B
Diff
13 lines
456 B
Diff
diff --git a/dix/pixmap.c b/dix/pixmap.c
|
|
index 1186d7dbb..5a0146bbb 100644
|
|
--- a/dix/pixmap.c
|
|
+++ b/dix/pixmap.c
|
|
@@ -116,7 +116,7 @@ AllocatePixmap(ScreenPtr pScreen, int pixDataSize)
|
|
if (pScreen->totalPixmapSize > ((size_t) - 1) - pixDataSize)
|
|
return NullPixmap;
|
|
|
|
- pPixmap = malloc(pScreen->totalPixmapSize + pixDataSize);
|
|
+ pPixmap = calloc(1, pScreen->totalPixmapSize + pixDataSize);
|
|
if (!pPixmap)
|
|
return NullPixmap;
|