A buffer overflow in GNU Screen might allow remote attackers to corrupt memory.
Package | app-misc/screen on all architectures |
---|---|
Affected versions | < 4.8.0 |
Unaffected versions | >= 4.8.0 |
GNU Screen is a full-screen window manager that multiplexes a physical terminal between several processes, typically interactive shells.
A buffer overflow was found in the way GNU Screen treated the special escape OSC 49.
A remote attacker, by writing a specially crafted string of characters to a GNU Screen window, could possibly corrupt memory or have other unspecified impact.
There is no known workaround at this time.
All GNU Screen users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-misc/screen-4.8.0"
Release date
March 30, 2020
Latest revision
March 30, 2020: 1
Severity
normal
Exploitable
remote
Bugzilla entries