tmux stack buffer overflow in function input_csi_dispatch_sgr_colon
CVE-2020-27347

8.8HIGH

Key Information:

Vendor: Tmux
Status: Tmux
Vendor: CVE Published:; 6 November 2020

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2020-27347?

In tmux before version 3.1c the function input_csi_dispatch_sgr_colon() in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output.

Affected Version(s)

tmux < 3.1c

tmux 3.1b < 3.1b-1ubuntu0.1

tmux 3.0a < 3.0a-2ubuntu0.2

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

tmux-fuzzing
Created by lucadibello

References

https://github.com/tmux/tmux/commit/a868bacb46e3c900530be...

x_refsource_MISC

https://www.openwall.com/lists/oss-security/2020/11/05/3

x_refsource_MISC

https://security.gentoo.org/glsa/202011-10

vendor-advisoryx_refsource_GENTOO

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
May 16, 2025
👾
Exploit known to exist
May 16, 2025
Vulnerability published
Nov 6, 2020
Vulnerability Reserved
Oct 20, 2020

Credit

Sergey Nizovtsev

CVE-2020-27347 Data

JSON

Tmux

Badges

What is CVE-2020-27347?

Affected Version(s)

Exploit Proof of Concept (PoC)

References

CVSS V3.1

Timeline

Credit