CVE-2020-9366

CWE-787Out-of-bounds WriteCWE-119Buffer OverflowCWE-120Classic Buffer Overflow7 documents7 sources
Severity
9.8CRITICAL
EPSS
0.7%
top 27.37%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
GNU Screen
Timeline
PublishedFeb 24
Latest updateMay 24

Description

A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Specially crafted output, or a special program, could corrupt memory and crash Screen or possibly have unspecified other impact.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

NVDgnu/screen< 4.8.0
Debianscreen< 4.8.0-1+3

Patches

Patch: lists.gnu.orgPatch: www.openwall.comPatch: lists.gnu.org

🔴Vulnerability Details

3
GHSA
GHSA-fcx3-q2fc-3hrw: A buffer overflow was found in the way GNU Screen before 42022-05-24
CVEList
CVE-2020-9366: A buffer overflow was found in the way GNU Screen before 42020-02-24
OSV
CVE-2020-9366: A buffer overflow was found in the way GNU Screen before 42020-02-24

📋Vendor Advisories

2
Red Hat
screen: Out of bounds access when setting w_xtermosc after OSC 492020-02-06
Debian
CVE-2020-9366: screen - A buffer overflow was found in the way GNU Screen before 4.8.0 treated the speci...2020

💬Community

1
Bugzilla
CVE-2020-9366 screen: Out of bounds access when setting w_xtermosc after OSC 492020-02-10
CVE-2020-9366 (CRITICAL CVSS 9.8) | A buffer overflow was found in the | cvebase.io