2163604 – (CVE-2022-47016) CVE-2022-47016 tmux: null pointer dereference in window_pane_set_event() in window.c

Bug 2163604 (CVE-2022-47016) - CVE-2022-47016 tmux: null pointer dereference in window_pane_set_event() in window.c

Summary: CVE-2022-47016 tmux: null pointer dereference in window_pane_set_event() in w...

Keywords:
Status:	NEW
Alias:	CVE-2022-47016
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Nobody
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2163605 2163653 2163654
Blocks:	2163513
TreeView+	depends on / blocked

Reported:	2023-01-24 04:22 UTC by TEJ RATHI
Modified:	2023-07-07 08:35 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description TEJ RATHI 2023-01-24 04:22:55 UTC

A null pointer dereference issue was discovered in function window_pane_set_event in window.c in tmux 3.0 thru 3.3 allows attackers to cause denial of service or other unspecified impacts.

https://github.com/tmux/tmux/issues/3312
https://github.com/tmux/tmux/issues/3447
https://github.com/tmux/tmux/commit/e86752820993a00e3d28350cbe46878ba95d9012

Comment 1 TEJ RATHI 2023-01-24 04:23:28 UTC

Created tmux tracking bugs for this issue:

Affects: fedora-all [bug 2163605]

Note You need to log in before you can comment on or make changes to this bug.