Mageia 2022-0459: rxvt-unicode security update | LinuxSecurity.com
MGASA-2022-0459 - Updated rxvt-unicode packages fix security vulnerability

Publication date: 13 Dec 2022
URL: https://advisories.mageia.org/MGASA-2022-0459.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2022-4170

rxvt-unicode 9.25 and 9.26 are vulnerable to remote code execution, in the
Perl background extension, when an attacker can control the data written
to the user's terminal and certain options are set. (CVE-2022-4170)

References:
- https://bugs.mageia.org/show_bug.cgi?id=31226
- https://www.openwall.com/lists/oss-security/2022/12/05/1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4170

SRPMS:
- 8/core/rxvt-unicode-9.26-1.1.mga8

Mageia 2022-0459: rxvt-unicode security update

rxvt-unicode 9.25 and 9.26 are vulnerable to remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certa...

Summary

rxvt-unicode 9.25 and 9.26 are vulnerable to remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set. (CVE-2022-4170)

References

- https://bugs.mageia.org/show_bug.cgi?id=31226

- https://www.openwall.com/lists/oss-security/2022/12/05/1

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4170

Resolution

MGASA-2022-0459 - Updated rxvt-unicode packages fix security vulnerability

SRPMS

- 8/core/rxvt-unicode-9.26-1.1.mga8

Severity
Publication date: 13 Dec 2022
URL: https://advisories.mageia.org/MGASA-2022-0459.html
Type: security
CVE: CVE-2022-4170

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.