Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 494
Alerts This Week
Warning Icon 1 494

Mageia 8 MGASA-2022-0459 Urgent: Rxvt-Unicode Remote Code Exploit Risk

mageia
Calendar Grey December 13, 2022
Dist Mageia Esm H88
Recent updates to rxvt-unicode packages fix a security vulnerability, posing a risk of remote code execution for users of Mageia 8.
rxvt-unicode 9.25 and 9.26 are vulnerable to remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certa...

Summary

rxvt-unicode 9.25 and 9.26 are vulnerable to remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set. (CVE-2022-4170)

References

- https://bugs.mageia.org/show_bug.cgi?id=31226

- https://www.openwall.com/lists/oss-security/2022/12/05/1

- https://www.cve.org/CVERecord?id=CVE-2022-4170

Resolution

SRPMS

- 8/core/rxvt-unicode-9.26-1.1.mga8

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 13 Dec 2022
URL: https://advisories.mageia.org/MGASA-2022-0459.html
Type: security
CVE: CVE-2022-4170

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.