CVE-2011-2198

Publication date 21 May 2014

Last updated 24 July 2024

Ubuntu priority

Low

Why this priority?

The “insert-blank-characters” capability in caps.c in gnome-terminal (vte) before 0.28.1 allows remote authenticated users to cause a denial of service (CPU and memory consumption and crash) via a crafted file, as demonstrated by a file containing the string ”\033[100000000000000000@”.

Read the notes from the security team

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
vte 13.04 raring
Not affected
12.10 quantal
Not affected
12.04 LTS precise
Not affected
11.10 oneiric
Not affected
11.04 natty Ignored end of life
10.10 maverick Ignored end of life
10.04 LTS lucid Ignored end of life
8.04 LTS hardy Ignored end of life

Notes

jdstrand

user-assisted denial of service (memory exhaustion)

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
vte