CVE-2015-6806

Priority
Description
The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does not
properly limit recursion, which allows remote attackers to cause a denial
of service (stack consumption) via an escape sequence with a large repeat
count value.
Ubuntu-Description
It was discovered that GNU screen mishandled certain crafted input. An attacker
could use this vulnerability to cause a denial of service.
Notes
Package
Upstream:released (4.3.1-2)
Ubuntu 12.04 ESM (Precise Pangolin):released (4.0.3-14ubuntu8.1)
Ubuntu 14.04 ESM (Trusty Tahr):released (4.1.0~20120320gitdb59704-9ubuntu0.1~esm1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.3.1-2)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.3.1-2)
Patches:
Upstream:http://git.savannah.gnu.org/cgit/screen.git/commit/?id=c336a32a1dcd445e6b83827f83531d4c6414e2cd
More Information

Updated: 2020-07-28 19:55:08 UTC (commit d26b6ca9f5b3adb89bb036ce73ae7dab894935ec)