CVE-2022-45063 — Command Injection in Xterm

CWE-77 — Command Injection CWE-94 — Code Injection7 documents7 sources

Severity

9.8CRITICALNVD

EPSS

17.9%

top 4.84%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Invisible-island Xterm Fedoraproject Fedora

Timeline

PublishedNov 10

Description

xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are not allowed in the xterm default configurations of some Linux distributions.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

▶NVDinvisible-island/xterm< 375

▶Debianinvisible-island/xterm< 375-1+2

Also affects: Fedora 35, 36, 37

Patches

Patch: www.openwall.com ↗Patch: www.openwall.com ↗Patch: www.openwall.com ↗

🔴Vulnerability Details

OSV

CVE-2022-45063: xterm before 375 allows code execution via font ops, e↗2022-11-10

▶

CVEList

CVE-2022-45063: xterm before 375 allows code execution via font ops, e↗2022-11-10

▶

GHSA

GHSA-3cch-wj7f-8g8x: xterm before 375 allows code execution via font ops, e↗2022-11-10

▶

📋Vendor Advisories

Red Hat

xterm: code execution via OSC 50 input sequences↗2022-11-10

▶

Microsoft

xterm before 375 allows code execution via font ops e.g. because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are n↗2022-11-08

▶

Debian

CVE-2022-45063: xterm - xterm before 375 allows code execution via font ops, e.g., because an OSC 50 res...↗2022

▶