CVE-2021-27135

Published: Feb 10, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

xterm before Patch #366 allows remote attackers to execute arbitrary code or cause a denial of service (segmentation fault) via a crafted UTF-8 combining character sequence.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.openwall.com/lists/oss-security/2021/02/09/7

x_refsource_MISC

https://www.openwall.com/lists/oss-security/2021/02/09/9

x_refsource_MISC

[oss-security] 20210210 Re: Re: screen crash processing combining characters

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20210213 [SECURITY] [DLA 2558-1] xterm security update

mailing-list

x_refsource_MLIST

FEDORA-2021-e7a8e79fa8

vendor-advisory

x_refsource_FEDORA

https://news.ycombinator.com/item?id=26524650

x_refsource_MISC

https://access.redhat.com/security/cve/CVE-2021-27135

x_refsource_MISC

https://bugzilla.redhat.com/show_bug.cgi?id=1927559

x_refsource_MISC

https://invisible-island.net/xterm/xterm.log.html

x_refsource_CONFIRM

https://github.com/ThomasDickey/xterm-snapshots/commit/82ba55b8f994ab30ff561a347b82ea340ba7075c

x_refsource_CONFIRM

https://bugzilla.suse.com/show_bug.cgi?id=1182091

x_refsource_CONFIRM

20210520 CVE-2021-31535 libX11 Insufficient Length Checks PoC and Archeology

mailing-list

x_refsource_FULLDISC

GLSA-202208-22

vendor-advisory

x_refsource_GENTOO

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-27135

Description

Affected Products

References