[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#982435: screen: CVE-2021-26937


Utkarsh Gupta wrote:
> On Wed, Feb 10, 2021 at 6:56 PM Utkarsh Gupta <utkarsh@debian.org> wrote:
> > I'll take care of fixing stretch and jessie and I am aware of all this
> > since I was the one who got this CVE assigned! :D
> Somewhat related, I also got CVE-2021-27135 assigned for xterm.
> I'll take care of the updates when the patch is available.
> But interestingly, while reproducing the issue in screen, you can also
> easily reproduce this issue in xterm. See[1].
> [1]: https://www.openwall.com/lists/oss-security/2021/02/09/7

Ick! And indeed, double clicking that line closes xterm. Ouch.

urxvt and kitty seem not affected — but also don't seem to render it
correctly either.

I btw. managed to get Taviso's crash with xterm (365-1 from Debian
Unstable) even shorter.

$ base64 -d < CVE-2021-26937.poc.minimized | gzip -d - > test
$ lynx -dump test | head -1

And the e.g. double clicking on the resulting line.

Compressed and base64 encoded:


It though doesn't crash an unpatched screen.

Actually when Tavis mentioned Thomas, I just wanted to test where I
have most contact with Thomas: Lynx. But I found no similar issues in
Lynx. :-)

		Regards, Axel
 ,''`.  |  Axel Beckert <abe@debian.org>, https://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-    |  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE

Attachment: signature.asc
Description: PGP signature

Reply to: