Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2020-27347

Опубликовано: 06 нояб. 2020
Источник: debian

Описание

In tmux before version 3.1c the function input_csi_dispatch_sgr_colon() in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
tmuxfixed3.1c-1package
tmuxnot-affectedbusterpackage
tmuxnot-affectedstretchpackage

Примечания

  • https://www.openbsd.org/errata68.html (003: SECURITY FIX: October 29, 2020)

  • Introduced by: https://github.com/tmux/tmux/commit/4e3d6612845e190a490f40cce79c858dadaee74b (2.9)

  • Fixed by: https://github.com/tmux/tmux/commit/a868bacb46e3c900530bed47a1c6f85b0fbe701c

  • https://www.openwall.com/lists/oss-security/2020/11/05/3

Связанные уязвимости

ubuntu логотип

CVE-2020-27347

CVSS3: 8.8
ubuntu
больше 5 лет назад

In tmux before version 3.1c the function input_csi_dispatch_sgr_colon() in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output.

redhat логотип

CVE-2020-27347

CVSS3: 8.5
redhat
больше 5 лет назад

In tmux before version 3.1c the function input_csi_dispatch_sgr_colon() in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output.

nvd логотип

CVE-2020-27347

CVSS3: 8.8
nvd
больше 5 лет назад

In tmux before version 3.1c the function input_csi_dispatch_sgr_colon() in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output.

github логотип

GHSA-xp5q-c655-9565

CVSS3: 7.8
github
больше 3 лет назад

The function input_csi_dispatch_sgr_colon() in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output.

suse-cvrf логотип

openSUSE-SU-2020:1834-1

suse-cvrf
больше 5 лет назад

Security update for tmux