Hi Romain,

On Thu, Nov 22, 2018 at 06:26:59PM +0100, Romain Francoise wrote:
> Hi Salvatore,
> 
> On Wed, Nov 21, 2018 at 8:57 PM Salvatore Bonaccorso <car...@debian.org> wrote:
> > The following vulnerability was published for tmux, the security
> > impact is disputable, but just filing this bug for tracking a future
> > fix.
> 
> Thanks for the report. Do you know who assigned the CVE id and what
> their reasons were? Also, who noted that there is no security impact
> in the tracker (if that is really the case I'd rather just close this
> bug).

The CVE was assigned by the MITRE CNA itself, but it is unclear who
requested it.

Regarding the tracker: that was me and Moritz, but I filed this bug
explicitly for trackability of the commit[1] so I can update the fixed
version once it lands in a release. This is as well the reason why
it is marked 'unimportant' to indicate there is no real (or there is
a negligible) security impact (as well as why it is just minor
severity). So the bug can just be closed as soon as [1] lands in an
update.

The "attack" scenario is described as follows: an attacker can cause
a denial of service (tmux crash) "by arranging for a malloc
failure", triggering the issue in format_cb_pane_tabs in format.c.

Does this help?

Regards,
Salvatore

 [1] https://github.com/tmux/tmux/commit/749f67b7d801eed03345fef9c04206fbd079c3cb
