A buffer overflow in GNU Screen might allow remote attackers to corrupt memory.
|Package||app-misc/screen on all architectures|
|Affected versions||< 4.8.0|
|Unaffected versions||>= 4.8.0|
GNU Screen is a full-screen window manager that multiplexes a physical terminal between several processes, typically interactive shells.
A buffer overflow was found in the way GNU Screen treated the special escape OSC 49.
A remote attacker, by writing a specially crafted string of characters to a GNU Screen window, could possibly corrupt memory or have other unspecified impact.
There is no known workaround at this time.
All GNU Screen users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-misc/screen-4.8.0"
March 30, 2020
March 30, 2020: 1