253515 – sysutils/screen: CVE-2021-26937

Bug 253515 - sysutils/screen: CVE-2021-26937

Summary: sysutils/screen: CVE-2021-26937

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Many People
Assignee:	Cy Schubert

URL:
Keywords:

Depends on:
Blocks:

Reported:	2021-02-14 18:14 UTC by Daniel Engberg
Modified:	2021-03-27 03:00 UTC (History)
CC List:	1 user (show)

See Also:

Flags:	bugzilla: maintainer-feedback? (cy)

Attachments
Patch (3.03 KB, patch) 2021-02-14 19:41 UTC, Cy Schubert	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Daniel Engberg freebsd_committer

2021-02-14 18:14:26 UTC

Not a users but it's still a popular port
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26937

Comment 1 Cy Schubert freebsd_committer

2021-02-14 18:59:43 UTC

No upstream patch exists yet. Will need to cobble something up ourselves.

Comment 2 Cy Schubert freebsd_committer

2021-02-14 19:01:02 UTC

Can you provide the exploit to to me, please. I would like to try to use it to create a patch. Thank you.

Comment 3 Cy Schubert freebsd_committer

2021-02-14 19:41:53 UTC

Created attachment 222444 [details]
Patch

Found a patch. Need to test it against the exploit. If anyone can point to the exploit script.

Comment 4 Cy Schubert freebsd_committer

2021-02-14 20:43:52 UTC

The exploit at https://lists.gnu.org/archive/html/screen-devel/2021-02/msg00000.html doesn't work on FreeBSD.

Comment 5 commit-hook freebsd_committer

2021-02-15 01:36:23 UTC

A commit references this bug:

Author: cy
Date: Mon Feb 15 01:35:36 UTC 2021
New revision: 565281
URL: https://svnweb.freebsd.org/changeset/ports/565281

Log:
  Fix CVE-2021-26937: segfaults by displaying some UTF-8 characters

  CVE-2021-26937 segfaults when displayingsome UTF-8 characters
  described in
  https://lists.gnu.org/archive/html/screen-devel/2021-02/msg00000.html.

  PR:		253515
  Reported by:	daniel.engberg.lists at pyret.net
  Obtained from:	https://build.opensuse.org/request/show/871482
  MFH:		2020Q1
  Security:	CVE-2021-26937

Changes:
  head/sysutils/screen/Makefile
  head/sysutils/screen/files/patch-ansi.c
  head/sysutils/screen/files/patch-encoding.c

Comment 6 commit-hook freebsd_committer

2021-02-15 19:18:18 UTC

A commit references this bug:

Author: cy
Date: Mon Feb 15 19:17:28 UTC 2021
New revision: 565328
URL: https://svnweb.freebsd.org/changeset/ports/565328

Log:
  Revert r565281. It breaks UTF-8.

  Reported by:	Trond.Endrestol at ximalas.info
  		Christos Chatzaras <chris at cretaforce.gr>
  PR:		253515

Changes:
  head/sysutils/screen/Makefile
  head/sysutils/screen/files/patch-ansi.c
  head/sysutils/screen/files/patch-encoding.c

Comment 7 Cy Schubert freebsd_committer

2021-02-15 19:54:22 UTC

The OpenSuSE patch breaks screen. The upstream bug is marked private and no commits have been made to the upstream git repo.

Comment 8 commit-hook freebsd_committer

2021-02-16 00:45:16 UTC

A commit references this bug:

Author: cy
Date: Tue Feb 16 00:45:10 UTC 2021
New revision: 565376
URL: https://svnweb.freebsd.org/changeset/ports/565376

Log:
  Fix CVE-2021-26937 for real: segfaults by displaying some UTF-8 characters

  This is a recommit of r565281 fixing a typo in r565281, causing
  a regression.

  CVE-2021-26937 segfaults when displayingsome UTF-8 characters
  described in
  https://lists.gnu.org/archive/html/screen-devel/2021-02/msg00000.html.

  PR:		253515
  Reported by:	daniel.engberg.lists at pyret.net
  Obtained from:	https://build.opensuse.org/request/show/871482
  MFH:		2020Q1
  Security:	CVE-2021-26937

Changes:
  head/sysutils/screen/Makefile
  head/sysutils/screen/files/patch-ansi.c
  head/sysutils/screen/files/patch-encoding.c

Comment 9 Cy Schubert freebsd_committer

2021-03-27 03:00:07 UTC

Fixed.