CLSA-2022-1669242003

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2022-1669242003.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2022-1669242003
Upstream
Published
2022-11-23T22:20:03Z
Modified
2026-06-04T09:46:04.699462075Z
Summary
Fix CVE(s): CVE-2022-45063
Details
  • SECURITY UPDATE: possible RCE when using OSC 50 sequence
    • debian/patches/CVE-2022-45063.patch: Improve error recovery when setting a bitmap font for the VT100 window, e.g., in case OSC 50 failed, restoring the most recent valid font so that a subsequent OSC 50 reports this correctly.
    • CVE-2022-45063
    • debian/patches/extrasafetytostringcomparisonfunctions.patch: Add NULL pointer checks in xstrcasecmp() and x_strncasecmp() to help with error recovery for a missing font.
References

Affected packages

TuxCare:Ubuntu:16.04 / xterm

Package

Name
xterm
Purl
pkg:deb/tuxcare/xterm?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
322-1ubuntu1.2+tuxcare.els1

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2022-1669242003.json"