CVE-2018-14665

A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges.

References

Affected packages

Git / gitlab.freedesktop.org/xorg/xserver

Affected ranges

Type

GIT

Repo

https://gitlab.freedesktop.org/xorg/xserver

Events

Introduced

Fixed

971d418113740cae2d7d393850bad4926d1a7e86

Introduced

Last affected

0d7ec5c7d9b451066a079fe56bcc9722341a91ff

Introduced

Last affected

0d7ec5c7d9b451066a079fe56bcc9722341a91ff

Introduced

Last affected

0d7ec5c7d9b451066a079fe56bcc9722341a91ff

Fixed

50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e

Fixed

8a59e3b7dbb30532a7c3769c555e00d7c4301170

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.20.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0"
        }
    ]
}

Affected versions

Other

DRI-XFree86-4_3_99_12-merge

DRI-trunk-20040613

DRI-trunk-20040721

DRM-1_0_5

DRM-20040613

DRM-20040721

DRM-20050615

DRM-20051017

DRM-2_0_0

Domain-base

Domain-sync1

Domain-sync2

Domain-sync3

Domain-sync4

MODULAR_COPY

PRE_xf86-4_3_0_1

XACE-SELINUX-MERGE

XORG-6_7_99_1

XORG-6_7_99_2

XORG-6_7_99_901

XORG-6_7_99_902

XORG-6_7_99_903

XORG-6_7_99_904

XORG-6_8_0

XORG-6_8_99_1

XORG-6_8_99_10

XORG-6_8_99_11

XORG-6_8_99_12

XORG-6_8_99_13

XORG-6_8_99_14

XORG-6_8_99_15

XORG-6_8_99_16

XORG-6_8_99_2

XORG-6_8_99_3

XORG-6_8_99_4

XORG-6_8_99_5

XORG-6_8_99_6

XORG-6_8_99_7

XORG-6_8_99_8

XORG-6_8_99_9

XORG-6_8_99_900

XORG-6_8_99_901

XORG-6_8_99_902

XORG-6_8_99_903

XORG-6_99_99_900

XORG-6_99_99_901

XORG-6_99_99_902

XORG-6_99_99_903

XORG-6_99_99_904

XORG-7_0

XORG-7_0_99_901

XORG-MAIN

add-Xi

ah-20021030

ah-20021030-postdri

before-mesa-4_0-import

dhd-20010328

dhd-20010817

dhd-20020916

dri-0-1-branchpoint

dri-20020129-merge

dri-20020222-merge

kdrive-initial-import

keithp

lg3d-base

pre-R651-import

pre-xgldrop-merge

sco_port_update-base

xf-3_9_16Z

xf-3_9_16Za

xf-3_9_16d

xf-3_9_16e

xf-3_9_16f

xf-3_9_17

xf-3_9_17Z

xf-3_9_17a

xf-3_9_17b

xf-3_9_17c

xf-3_9_17d

xf-3_9_17e

xf-3_9_17f

xf-3_9_18

xf-3_9_18Z

xf-3_9_18Za

xf-3_9_18a

xf-3_9_18b

xf-4_0

xf-4_0-bindist

xf-4_0Z

xf-4_0_1

xf-4_0_1-bindist

xf-4_0_1Z

xf-4_0_1Za

xf-4_0_1Zb

xf-4_0_1Zc

xf-4_0_1a

xf-4_0_1b

xf-4_0_1c

xf-4_0_1d

xf-4_0_1e

xf-4_0_1f

xf-4_0_1g

xf-4_0_1h

xf-4_0_2

xf-4_0_2-bindist

xf-4_0_99_1

xf-4_0_99_2

xf-4_0_99_3

xf-4_0_99_900

xf-4_0a

xf-4_0b

xf-4_0c

xf-4_0d

xf-4_0e

xf-4_0f

xf-4_0g

xf-4_1_99_1

xf-4_1_99_2

xf-4_1_99_3

xf-4_1_99_4

xf-4_1_99_5

xf-4_1_99_6

xf-4_1_99_7

xf-4_2-bp

xf-4_2_0

xf-4_2_0-bindist

xf-4_2_0-bindist-1

xf-4_2_0_1

xf-4_2_1

xf-4_2_1_1

xf-4_2_99_1

xf-4_2_99_2

xf-4_2_99_3

xf-4_2_99_4

xf-4_2_99_901

xf-4_2_99_902

xf-4_3_0

xf-4_3_0_1

xf-4_3_99_1

xf-4_3_99_2

xf-4_3_99_3

xf-4_3_99_4

xf-4_3_99_5

xf-4_3_99_6

xf86-012804-2330

xf86-4_3_0_1

xf86-4_3_99_16

xf86-4_3_99_901

xf86-4_3_99_902

xf86-4_3_99_903

xf86-4_3_99_903_special

xf86-4_4_0

xf86-4_4_99_1

xfixes_2_branchpoint

xorg-server-0_99_1

xorg-server-1_0_99_1

xorg-server-1_0_99_2

xorg-server-1_0_99_901

xorg-server-1_1_99_1

xorg-server-1_1_99_2

xorg-server-1.*

xorg-server-1.1.99.3

xorg-server-1.10.0

xorg-server-1.10.99.901

xorg-server-1.10.99.902

xorg-server-1.11.0

xorg-server-1.11.99.1

xorg-server-1.11.99.901

xorg-server-1.11.99.902

xorg-server-1.11.99.903

xorg-server-1.12.0

xorg-server-1.12.99.901

xorg-server-1.12.99.902

xorg-server-1.12.99.903

xorg-server-1.12.99.904

xorg-server-1.12.99.905

xorg-server-1.13.0

xorg-server-1.13.99.901

xorg-server-1.13.99.902

xorg-server-1.14.0

xorg-server-1.14.99.1

xorg-server-1.14.99.2

xorg-server-1.14.99.3

xorg-server-1.14.99.901

xorg-server-1.14.99.902

xorg-server-1.14.99.903

xorg-server-1.14.99.904

xorg-server-1.14.99.905

xorg-server-1.15.0

xorg-server-1.15.99.901

xorg-server-1.15.99.902

xorg-server-1.15.99.903

xorg-server-1.15.99.904

xorg-server-1.16.0

xorg-server-1.16.99.901

xorg-server-1.16.99.902

xorg-server-1.17.0

xorg-server-1.17.99.901

xorg-server-1.17.99.902

xorg-server-1.18.0

xorg-server-1.18.99.2

xorg-server-1.18.99.901

xorg-server-1.18.99.902

xorg-server-1.19.0

xorg-server-1.19.99.901

xorg-server-1.19.99.902

xorg-server-1.19.99.903

xorg-server-1.19.99.904

xorg-server-1.19.99.905

xorg-server-1.20.0

xorg-server-1.20.1

xorg-server-1.20.2

xorg-server-1.5.99.1

xorg-server-1.6.99.900

xorg-server-1.6.99.901

xorg-server-1.7.99.1

xorg-server-1.7.99.2

xorg-server-1.7.99.901

xorg-server-1.7.99.902

xorg-server-1.8.0

xorg-server-1.8.99.901

xorg-server-1.8.99.902

xorg-server-1.8.99.903

xorg-server-1.8.99.904

xorg-server-1.8.99.905

xorg-server-1.8.99.906

xorg-server-1.9.0

xorg-server-1.9.99.901

xorg-server-1.9.99.902

xorg-server-1.9.99.903

Database specific

vanir_signatures_modified

"2026-04-11T12:27:33Z"

vanir_signatures

[
    {
        "id": "CVE-2018-14665-22639977",
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://gitlab.freedesktop.org/xorg/xserver@8a59e3b7dbb30532a7c3769c555e00d7c4301170",
        "deprecated": false,
        "target": {
            "function": "ddxProcessArgument",
            "file": "hw/xfree86/common/xf86Init.c"
        },
        "digest": {
            "function_hash": "315373064620892594551951638009703833680",
            "length": 6630.0
        }
    },
    {
        "id": "CVE-2018-14665-6550486b",
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://gitlab.freedesktop.org/xorg/xserver@50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e",
        "deprecated": false,
        "target": {
            "file": "hw/xfree86/common/xf86Init.c"
        },
        "digest": {
            "line_hashes": [
                "65873069307278292652010531175368615420",
                "284923232927484381038688238309080919142",
                "27624637168183375727967830732217204166",
                "235860324613668966512981938403285548298",
                "183732425723223922100410593710392118164",
                "114508074504614284615304547286231225643",
                "315439724826352396352105082473061468447",
                "212627248673392263212831660654490005750",
                "95330500942765008061279670440426547946",
                "56839145749456828219969817469731032700",
                "213388443174132321590396988505480979115"
            ],
            "threshold": 0.9
        }
    },
    {
        "id": "CVE-2018-14665-78795323",
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "65873069307278292652010531175368615420",
                "284923232927484381038688238309080919142",
                "27624637168183375727967830732217204166",
                "235860324613668966512981938403285548298",
                "183732425723223922100410593710392118164",
                "114508074504614284615304547286231225643",
                "315439724826352396352105082473061468447",
                "212627248673392263212831660654490005750",
                "95330500942765008061279670440426547946",
                "56839145749456828219969817469731032700",
                "213388443174132321590396988505480979115"
            ],
            "threshold": 0.9
        },
        "source": "https://gitlab.freedesktop.org/xorg/xserver@8a59e3b7dbb30532a7c3769c555e00d7c4301170",
        "deprecated": false,
        "target": {
            "file": "hw/xfree86/common/xf86Init.c"
        },
        "signature_type": "Line"
    },
    {
        "id": "CVE-2018-14665-9355e2b1",
        "signature_version": "v1",
        "digest": {
            "function_hash": "183506005408712373153446637987835782518",
            "length": 6537.0
        },
        "source": "https://gitlab.freedesktop.org/xorg/xserver@50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e",
        "signature_type": "Function",
        "target": {
            "function": "ddxProcessArgument",
            "file": "hw/xfree86/common/xf86Init.c"
        },
        "deprecated": false
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-14665.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.6"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.6"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.6"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "16.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "18.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "18.10"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "9.0"
            }
        ]
    }
]