INFSA-2025:14075: xterm security update
Information about definition
Identificator: INFSA-2025:14075
Type: security
Release date: 2025-08-27 16:20:20 UTC
Information about package
The xterm program is a terminal emulator for the X Window System. It provides DEC VT102 and Tektronix 4014 compatible terminals for programs that can't use the window system directly.
Vulnerabilities description
- CVE-2022-24130
A buffer-overflow vulnerability was found in xterm's set_sixel() function in the 'graphics_sixel.c' file. This flaw allows an attacker to trigger a buffer overflow via crafted text when the sixel-graphics functionality is enabled. This issue causes xterm to crash, affecting the availability of an application, leading to a denial of service.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2022-24130
|
no information | 5.5 | no information |
Updated packages