CVE-2015-6806

EPSS 0.64%

screen - security update

Published: 9/28/2015Modified: 4/28/2026

Description

The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does not properly limit recursion, which allows remote attackers to cause a denial of service (stack consumption) via an escape sequence with a large repeat count value.

Affected packages (3)

Debian/screenfrom 0, < 4.3.1-2
Debian/screenfrom 0, < 4.0.3-14+deb6u1
Debian/screenfrom 0, < 4.1.0~20120320gitdb59704-7+deb7u1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-6806