A flaw was found in screen. A specially crafted sequence of combining characters could cause an out of bounds write leading to arbitrary code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Platform | Package | Release Date | Advisory |
---|---|---|---|
Amazon Linux 1 | screen | 2021-04-07 00:18 | ALAS-2021-1492 |
Amazon Linux 2 - Core | screen | 2021-03-25 18:31 | ALAS2-2021-1623 |
Score Type | Score | Vector | |
---|---|---|---|
Amazon Linux | CVSSv3 | 9.6 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H |
NVD | CVSSv2 | 7.5 | AV:N/AC:L/Au:N/C:P/I:P/A:P |
NVD | CVSSv3 | 9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |