Home

CVE-2021-26937

Description

encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence.

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
12.654

Associated Vulnerability

VulnerabilityOS Platform
SUSE-SU-2021:0491-1(SUSE Linux Enterprise Server 12-SP5 ) screen-4.0.4-23.6.1.x86_64.rpmLinux
SUSE-SU-2021:0491-1(SUSE Linux Enterprise Server 12-SP5 ) screen-debuginfo-4.0.4-23.6.1.x86_64.rpmLinux
SUSE-SU-2021:0491-1(SUSE Linux Enterprise Server 12-SP5 ) screen-debugsource-4.0.4-23.6.1.x86_64.rpmLinux
screen security update(DSA-4861-1) screen_4.6.2-3+deb10u1_i386.debLinux
screen security update(DSA-4861-1) screen_4.6.2-3+deb10u1_amd64.debLinux
terminal multiplexer with VT100/ANSI terminal emulation (USN-4747-1) screen_4.3.1-2ubuntu0.1_i386.debLinux
terminal multiplexer with VT100/ANSI terminal emulation (USN-4747-1) screen_4.3.1-2ubuntu0.1_amd64.debLinux
terminal multiplexer with VT100/ANSI terminal emulation (USN-4747-1) screen_4.6.2-1ubuntu1.1_i386.debLinux
terminal multiplexer with VT100/ANSI terminal emulation (USN-4747-1) screen_4.6.2-1ubuntu1.1_amd64.debLinux
terminal multiplexer with VT100/ANSI terminal emulation (USN-4747-1) screen_4.8.0-1ubuntu0.1_amd64.debLinux
terminal multiplexer with VT100/ANSI terminal emulation (USN-4747-1) screen_4.8.0-2ubuntu0.1_amd64.debLinux
(RHSA-2021:0742) screen security update screen-4.1.0-0.27.20120314git3c2946.el7_9.x86_64.rpmLinux
Screen update (ELSA-2021-0742) screen-4.1.0-0.27.20120314git3c2946.el7_9.x86_64.rpmLinux
(CESA-2021:0742) screen security update screen-4.1.0-0.27.20120314git3c2946.el7_9.x86_64.rpmLinux
SUSE-SU-2021:0492-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) screen-4.6.2-5.3.1.x86_64_15_SP3.rpmLinux
SUSE-SU-2021:0492-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) screen-debuginfo-4.6.2-5.3.1.x86_64_15_SP3.rpmLinux
SUSE-SU-2021:0492-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) screen-debugsource-4.6.2-5.3.1.x86_64_15_SP3.rpmLinux
(RHSA-2021:0742)Important: security update screen-debuginfo-4.1.0-0.27.20120314git3c2946.el7_9.x86_64.rpmLinux
Improper Neutralization of Argument Delimiters in a Command (Argument Injection) Vulnerability (CVE-2021-26937)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234