5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:N/I:N/A:P
xterm is vulnerable to denial of service. The vulnerability exists due to a buffer overflow in set_sixel in graphics_sixel.c via crafted text.
CPE | Name | Operator | Version |
---|---|---|---|
xterm:sid | eq | 362-1 | |
xterm:sid | eq | 366-1 | |
xterm:edge | eq | 367-r0 | |
xterm:edge | eq | 354-r0 | |
xterm:edge | eq | 368-r0 | |
xterm:edge | eq | 366-r0 | |
xterm:edge | eq | 370-r0 | |
xterm:edge | eq | 353-r2 | |
xterm:edge | eq | 369-r0 | |
xterm:edge | eq | 356-r0 |
invisible-island.net/xterm/xterm.log.html
lists.debian.org/debian-lts-announce/2022/02/msg00007.html
lists.fedoraproject.org/archives/list/[email protected]/message/BP5Y4O7WBNLV24D22E6LE7RQFYOUVD2U/
lists.fedoraproject.org/archives/list/[email protected]/message/T4CWYYEBT6AJRJBBQU2KLUOQDHRM7WAV/
security-tracker.debian.org/tracker/CVE-2022-24130
security.gentoo.org/glsa/202208-22
twitter.com/nickblack/status/1487731459398025216
www.openwall.com/lists/oss-security/2022/01/30/2
www.openwall.com/lists/oss-security/2022/01/30/3
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:N/I:N/A:P