[ GLSA 202011-10 ] tmux

[GLSA]

Gentoo Linux Security Advisory

Title: tmux: Buffer overflow (GLSA 202011-10)
Severity: normal
Exploitable: remote
Date: 2020-11-11
Bug(s): #753206
ID: 202011-10

Synopsis

A buffer overflow in tmux might allow remote attacker(s) to execute
arbitrary code.


Background

tmux is a terminal multiplexer.

Affected Packages

Package: app-misc/tmux
Vulnerable: < 3.1c
Unaffected: >= 3.1c
Architectures: All supported architectures


Description

A flaw in tmux’s handling of escape characters was discovered which
may allow a buffer overflow.


Impact

A remote attacker could possibly execute arbitrary code with the
privileges of the process, or cause a Denial of Service condition.


Workaround

There is no known workaround at this time.

Resolution

All tmux users should upgrade to the latest version: