CVE-2015-6806

Priority
Description
The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does not
properly limit recursion, which allows remote attackers to cause a denial
of service (stack consumption) via an escape sequence with a large repeat
count value.
Ubuntu-Description
It was discovered that GNU screen mishandled certain crafted input. An attacker
could use this vulnerability to cause a denial of service.
Notes
Package
Upstream:released (4.3.1-2)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.3.1-2)
Ubuntu 16.04 ESM (Xenial Xerus):not-affected (4.3.1-2)
Ubuntu 14.04 ESM (Trusty Tahr):released (4.1.0~20120320gitdb59704-9ubuntu0.1~esm1)
Ubuntu 20.04 FIPS Compliant (Focal Fossa):not-affected (4.3.1-2)
Patches:
Upstream:http://git.savannah.gnu.org/cgit/screen.git/commit/?id=c336a32a1dcd445e6b83827f83531d4c6414e2cd
More Information

Updated: 2022-02-11 01:01:40 UTC (commit acb3d89ab51f1d5e5543fa993969c0eb13c71f04)