Home

CVE-2022-24130

Description

xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text.

Risk Information

Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.387

Associated Vulnerability

VulnerabilityOS Platform
SUSE-SU-2022:3952-1(SUSE Linux Enterprise Server 12-SP5 ) xterm-308-5.6.1.x86_64.rpmLinux
SUSE-SU-2022:3952-1(SUSE Linux Enterprise Server 12-SP5 ) xterm-debuginfo-308-5.6.1.x86_64.rpmLinux
SUSE-SU-2022:3952-1(SUSE Linux Enterprise Server 12-SP5 ) xterm-debugsource-308-5.6.1.x86_64.rpmLinux
SUSE-SU-2022:3953-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) xterm-330-150200.11.6.1.x86_64.rpmLinux
SUSE-SU-2022:3953-1(SUSE Linux Enterprise Module for Basesystem 15-SP4 ) xterm-330-150200.11.6.1.x86_64_15_SP4.rpmLinux
SUSE-SU-2022:3953-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) xterm-bin-330-150200.11.6.1.x86_64.rpmLinux
SUSE-SU-2022:3953-1(SUSE Linux Enterprise Module for Basesystem 15-SP4 ) xterm-bin-330-150200.11.6.1.x86_64_15_SP4.rpmLinux
xterm update (CESAS-2025-0143) CESAS-2025-0032 xterm-resize-366-11.el9.x86_64.rpmLinux
xterm update (CESAS-2025-0144) CESAS-2025-0032 xterm-366-11.el9.x86_64.rpmLinux
rv update (CESAS-2025-0144) CESAS-2025-0032 rv-5.14.0-599.el9.x86_64.rpmLinux
rtla update (CESAS-2025-0144) CESAS-2025-0032 rtla-5.14.0-599.el9.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234