---

CVE-2021-27135 - log back

CVE-2021-27135 edited at 11 Feb 2021 08:15:55
References	https://www.openwall.com/lists/oss-security/2021/02/09/7 https://www.openwall.com/lists/oss-security/2021/02/09/9 - https://www.openwall.com/lists/oss-security/2021/02/10/7 https://invisible-island.net/xterm/xterm.log.html#xterm_366 + https://github.com/ThomasDickey/xterm-snapshots/commit/82ba55b8f994ab30ff561a347b82ea340ba7075c

CVE-2021-27135 edited at 11 Feb 2021 08:07:06
Description	- xterm through Patch #365 allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted UTF-8 character sequence. + xterm up to patch #365 allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted UTF-8 character sequence. The issue is fixed in patch #366.
References	https://www.openwall.com/lists/oss-security/2021/02/09/7 https://www.openwall.com/lists/oss-security/2021/02/09/9 https://www.openwall.com/lists/oss-security/2021/02/10/7 + https://invisible-island.net/xterm/xterm.log.html#xterm_366

CVE-2021-27135 edited at 10 Feb 2021 21:36:28
Description	- In xterm before version 366, an attacker could cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence. + xterm through Patch #365 allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted UTF-8 character sequence.

CVE-2021-27135 edited at 10 Feb 2021 16:24:58
Severity	- Unknown + Medium
Remote	- Unknown + Local
Type	- Unknown + Arbitrary code execution
Description	+ In xterm before version 366, an attacker could cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence.
References	+ https://www.openwall.com/lists/oss-security/2021/02/09/7 + https://www.openwall.com/lists/oss-security/2021/02/09/9 + https://www.openwall.com/lists/oss-security/2021/02/10/7
Notes

CVE-2021-27135 created at 10 Feb 2021 16:21:08