1927062 – (CVE-2021-26937) CVE-2021-26937 screen: crash when processing combining chars

Bug 1927062 (CVE-2021-26937) - CVE-2021-26937 screen: crash when processing combining chars

Summary: CVE-2021-26937 screen: crash when processing combining chars

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2021-26937
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	1926949 (view as bug list)
Depends On:	1927063 1927064 1927065 1927066 2048282
Blocks:	1927067
TreeView+	depends on / blocked

Reported:	2021-02-10 00:33 UTC by Doran Moppert
Modified:	2024-06-14 00:13 UTC (History)
CC List:	10 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2021-03-08 13:01:52 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2021:0742	0	None	None	None	2021-03-08 10:30:07 UTC
Red Hat Product Errata	RHSA-2022:1074	0	None	None	None	2022-03-28 10:30:58 UTC

Description Doran Moppert 2021-02-10 00:33:43 UTC

A crash was reported in gnu screen when processing a specially crafted sequence of combining characters.  The cause is an out of bounds write, which may be exploitable to cause arbitrary code execution.

https://lists.gnu.org/archive/html/screen-devel/2021-02/msg00000.html
https://www.openwall.com/lists/oss-security/2021/02/09/3

Upstream bug:

https://savannah.gnu.org/bugs/?60030

Comment 1 Doran Moppert 2021-02-10 00:37:44 UTC

Created gnome-screensaver tracking bugs for this issue:

Affects: fedora-all [bug 1927066]

Comment 3 Pedro Sampaio 2021-02-10 12:23:58 UTC

*** Bug 1926949 has been marked as a duplicate of this bug. ***

Comment 4 Doran Moppert 2021-02-11 01:18:16 UTC

Mitigation:

This flaw is in utf8 processing; if your screen configuration does not enable utf8 (through configuration such as "defencoding utf-8" in .screenrc), you are not vulnerable.

Comment 9 errata-xmlrpc 2021-03-08 10:30:06 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2021:0742 https://access.redhat.com/errata/RHSA-2021:0742

Comment 10 Product Security DevOps Team 2021-03-08 13:01:52 UTC

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2021-26937

Comment 12 errata-xmlrpc 2022-03-28 10:30:55 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.7 Advanced Update Support
  Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions
  Red Hat Enterprise Linux 7.7 Telco Extended Update Support

Via RHSA-2022:1074 https://access.redhat.com/errata/RHSA-2022:1074

Note You need to log in before you can comment on or make changes to this bug.