CVE-2021-26937
Summary
| CVE | CVE-2021-26937 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2021-02-09 20:15:00 UTC |
|---|
| Updated | 2023-11-07 03:31:00 UTC |
|---|
| Description | encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| [SECURITY] Fedora 32 Update: screen-4.8.0-5.fc32 - package-announce - Fedora Mailing-Lists |
FEDORA |
lists.fedoraproject.org |
Mailing List, Third Party Advisory |
| GNU Screen: User-assisted execution of arbitrary code (GLSA 202105-11) — Gentoo security |
GENTOO |
security.gentoo.org |
|
| [SECURITY] Fedora 33 Update: screen-4.8.0-5.fc33 - package-announce - Fedora Mailing-Lists |
FEDORA |
lists.fedoraproject.org |
Mailing List, Third Party Advisory |
| [screen-devel] [bug #60030] Screen segfaults by displaying some UTF-8 ch |
MISC |
lists.gnu.org |
Exploit, Mailing List, Vendor Advisory |
| [SECURITY] [DLA 2570-1] screen security update |
MLIST |
lists.debian.org |
Mailing List, Third Party Advisory |
| [SECURITY] Fedora 32 Update: screen-4.8.0-5.fc32 - package-announce - Fedora Mailing-Lists |
|
lists.fedoraproject.org |
|
| Index of ftp.gnu.org/gnu/screen |
MISC |
ftp.gnu.org |
Product |
| [SECURITY] Fedora 33 Update: screen-4.8.0-5.fc33 - package-announce - Fedora Mailing-Lists |
|
lists.fedoraproject.org |
|
| Debian -- Security Information -- DSA-4861-1 screen |
DEBIAN |
www.debian.org |
Third Party Advisory |
| oss-security - Re: screen crash processing combining characters |
MLIST |
www.openwall.com |
Exploit, Mailing List, Third Party Advisory |
| oss-security - screen crash processing combining characters |
MISC |
www.openwall.com |
Exploit, Mailing List, Third Party Advisory |
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 179498 Debian Security Update for screen (CVE-2021-26937)
- 240450 Red Hat Update for screen (RHSA-2022:1074)
- 257075 CentOS Security Update for screen (CESA-2021:0742)
- 281598 Fedora Security Update for screen (FEDORA-2021-5e9894a0c5)
- 281599 Fedora Security Update for screen (FEDORA-2021-9107eeb95c)
- 296067 Oracle Solaris 11.4 Support Repository Update (SRU) 33.94.0 Missing (CPUAPR2021)
- 352259 Amazon Linux Security Advisory for screen: ALAS2-2021-1623
- 352261 Amazon Linux Security Advisory for screen: ALAS-2021-1492
- 377067 Alibaba Cloud Linux Security Update for screen (ALINUX2-SA-2021:0012)
- 500639 Alpine Linux Security Update for screen
- 501494 Alpine Linux Security Update for screen
- 504404 Alpine Linux Security Update for screen
- 670227 EulerOS Security Update for screen (EulerOS-SA-2021-1848)
- 670311 EulerOS Security Update for screen (EulerOS-SA-2021-1913)
- 670336 EulerOS Security Update for screen (EulerOS-SA-2021-1888)
- 670432 EulerOS Security Update for screen (EulerOS-SA-2021-2068)
- 670443 EulerOS Security Update for screen (EulerOS-SA-2021-2057)
- 670689 EulerOS Security Update for screen (EulerOS-SA-2021-2447)
- 670879 EulerOS Security Update for screen (EulerOS-SA-2021-1888)
- 670929 EulerOS Security Update for screen (EulerOS-SA-2021-2068)
- 710104 Gentoo Linux GNU Screen User-assisted execution of arbitrary code vulnerability (GLSA 202105-11)
- 750354 OpenSUSE Security Update for screen (openSUSE-SU-2021:0304-1)
- 901416 Common Base Linux Mariner (CBL-Mariner) Security Update for screen (7356)
- 908078 Common Base Linux Mariner (CBL-Mariner) Security Update for screen (7356-1)
