Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 538
Alerts This Week
Warning Icon 1 538

Ubuntu 20.04 LTS USN-4746-1 Moderate: xterm Denial of Service Issue

ubuntu
Calendar Grey February 24, 2021
Dist Ubuntu Esm H88
Ubuntu Security Notice USN-4746-1 reveals a critical vulnerability in xterm that may cause crashes or allow remote code execution, urging users to update their installations promptly
xterm could be made to crash or run programs if it handled specially crafted character sequences.

Summary

xterm could be made to crash or run programs if it handled specially

crafted character sequences.

Software Description:

- xterm: X terminal emulator

Details:

Tavis Ormandy discovered that xterm incorrectly handled certain character

sequences. A remote attacker could use this issue to cause xterm to crash,

resulting in a denial of service, or possibly execute arbitrary code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.10:
  xterm                           353-1ubuntu1.20.10.2

Ubuntu 20.04 LTS:
  xterm                           353-1ubuntu1.20.04.2

Ubuntu 18.04 LTS:
  xterm                           330-1ubuntu2.2

Ubuntu 16.04 LTS:
  xterm                           322-1ubuntu1.2

In general, a standard system update will make all the necessary changes.

References

CVE-2021-27135

February 24, 2021

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.