Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

Ubuntu 20.10 and 20.04: USN-4618-1 Moderate: tmux Code Execution Risk

ubuntu
Calendar Grey November 5, 2020
Dist Ubuntu Esm H88
A newly discovered tmux exploit might enable system crashes or unauthorized code execution through specially designed inputs in Ubuntu versions 20.04 LTS and 20.10.
tmux could be made to crash or execute arbitrary code if it received a specially crafted input.

Summary

tmux could be made to crash or execute arbitrary code if it received

a specially crafted input.

Software Description:

- tmux: terminal multiplexer

Details:

Sergey Nizovtsev discovered that tmux incorrectly handled some inputs.

An attacker could possibly use this issue to cause a crash or execute arbitrary code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.10:
  tmux                            3.1b-1ubuntu0.1

Ubuntu 20.04 LTS:
  tmux                            3.0a-2ubuntu0.2

After a standard system update you need to restart tmux session to make
all the necessary changes.

References

CVE-2020-27347

November 05, 2020

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here