Bug 2048676 (CVE-2022-24130) - CVE-2022-24130 xterm: Buffer overflow in set_sixel in graphics_sixel.c
Summary: CVE-2022-24130 xterm: Buffer overflow in set_sixel in graphics_sixel.c
Keywords:
Status: NEW
Alias: CVE-2022-24130
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2048677 2050673
Blocks: 2048678
TreeView+ depends on / blocked
 
Reported: 2022-01-31 17:18 UTC by Pedro Sampaio
Modified: 2023-10-25 17:21 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A buffer-overflow vulnerability was found in xterm's set_sixel() function in the 'graphics_sixel.c' file. This flaw allows an attacker to trigger a buffer overflow via crafted text when the sixel-graphics functionality is enabled. This issue causes xterm to crash, affecting the availability of an application, leading to a denial of service.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description Pedro Sampaio 2022-01-31 17:18:26 UTC 
xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text.

References:

https://invisible-island.net/xterm/xterm.log.html
https://www.openwall.com/lists/oss-security/2022/01/30/2
https://www.openwall.com/lists/oss-security/2022/01/30/3
https://twitter.com/nickblack/status/1487731459398025216
Comment 1 Pedro Sampaio 2022-01-31 17:18:48 UTC 
Created xterm tracking bugs for this issue:

Affects: fedora-all [bug 2048677]
Comment 2 juneau 2022-01-31 19:50:28 UTC 
Marking services-openshift-cluster-manager affected/delegated for presence of affected code found in the following containers:
- https://quay.io/app-sre/selenium-standalone-chrome-debug:latest
- https://quay.io/app-sre/selenium-standalone-firefox-debug:latest
Note You need to log in before you can comment on or make changes to this bug.