Your submission was sent successfully! Close

CVE-2020-9366

Published: 24 February 2020

A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Specially crafted output, or a special program, could corrupt memory and crash Screen or possibly have unspecified other impact.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
screen
Launchpad, Ubuntu, Debian
bionic Not vulnerable

eoan Not vulnerable

precise Not vulnerable

trusty Not vulnerable

upstream
Released (4.8.0-1)
xenial Not vulnerable

Patches:
upstream: https://git.savannah.gnu.org/cgit/screen.git/commit/?id=68386dfb1fa33471372a8cd2e74686758a2f527b
upstream: https://git.savannah.gnu.org/cgit/screen.git/commit/?id=0dd53533e20d2948351a99ec5336fbc9b82b226a

Notes

AuthorNote
leosilva
vulnerable code introduced in v4.7.0
introduced by https://git.savannah.gnu.org/cgit/screen.git/commit/?id=c5db181b6e017cfccb8d7842ce140e59294d9f62

References