Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Ubuntu 20.04 LTS USN-4746-1 Moderate: xterm Denial of Service Issue

Calendar Feb 24, 2021 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory moderate denial of service remote code execution DoS Ubuntu xterm
xterm could be made to crash or run programs if it handled specially crafted character sequences. 
=========================================================================Ubuntu Security Notice USN-4746-1
February 24, 2021

xterm vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

xterm could be made to crash or run programs if it handled specially
crafted character sequences.

Software Description:
- xterm: X terminal emulator

Details:

Tavis Ormandy discovered that xterm incorrectly handled certain character
sequences. A remote attacker could use this issue to cause xterm to crash,
resulting in a denial of service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.10:
  xterm                           353-1ubuntu1.20.10.2

Ubuntu 20.04 LTS:
  xterm                           353-1ubuntu1.20.04.2

Ubuntu 18.04 LTS:
  xterm                           330-1ubuntu2.2

Ubuntu 16.04 LTS:
  xterm                           322-1ubuntu1.2

In general, a standard system update will make all the necessary changes.

References:
  
  CVE-2021-27135

Package Information:
  https://launchpad.net/ubuntu/+source/xterm/353-1ubuntu1.20.10.2
  https://launchpad.net/ubuntu/+source/xterm/353-1ubuntu1.20.04.2
  https://launchpad.net/ubuntu/+source/xterm/330-1ubuntu2.2
  https://launchpad.net/ubuntu/+source/xterm/322-1ubuntu1.2

Ubuntu 20.04 LTS USN-4746-1 Moderate: xterm Denial of Service Issue

ubuntu
Calendar Grey February 24, 2021
Dist Ubuntu Esm H88
Ubuntu Security Notice USN-4746-1 reveals a critical vulnerability in xterm that may cause crashes or allow remote code execution, urging users to update their installations promptly
xterm could be made to crash or run programs if it handled specially crafted character sequences.

Summary

Topics%20covered

Topics Covered

security advisory moderate denial of service remote code execution DoS Ubuntu xterm

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 20.10: xterm 353-1ubuntu1.20.10.2 Ubuntu 20.04 LTS: xterm 353-1ubuntu1.20.04.2 Ubuntu 18.04 LTS: xterm 330-1ubuntu2.2 Ubuntu 16.04 LTS: xterm 322-1ubuntu1.2 In general, a standard system update will make all the necessary changes.

References

CVE-2021-27135

February 24, 2021

Topics%20covered

Topics Covered

security advisory moderate denial of service remote code execution DoS Ubuntu xterm

Package Information

https://launchpad.net/ubuntu/+source/xterm/353-1ubuntu1.20.10.2 https://launchpad.net/ubuntu/+source/xterm/353-1ubuntu1.20.04.2 https://launchpad.net/ubuntu/+source/xterm/330-1ubuntu2.2 https://launchpad.net/ubuntu/+source/xterm/322-1ubuntu1.2

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here