CVE-2020-27347

Summary

In tmux before version 3.1c the function input_csi_dispatch_sgr_colon() in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output.

Affected Software

VendorProductVersion RangeStatus
tmuxtmuxunspecified < 3.1caffected
Ubuntutmux3.1b < 3.1b-1ubuntu0.1affected
Ubuntutmux3.0a < 3.0a-2ubuntu0.2affected

Weaknesses

  • CWE-121: CWE-121 Stack-based Buffer Overflow

ADP Enrichment

CVE Program Container

Additional References

References