It was discovered that tmux did not properly handle certain input. An attacker could use this flaw to cause an out-of-bounds read by tricking a user into displaying specially crafted input within a tmux session.
An out-of-bounds heap read vulnerability was found in tmux.
Upstream bug (including reproducer):
Created tmux tracking bugs for this issue:
Affects: fedora-all [bug 1279437]
Affects: epel-5 [bug 1279438]
Affects: epel-6 [bug 1279439]
tmux-2.2-1.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.