CVE-2020-35605

Related Files

Ubuntu Security Notice USN-5659-1

Posted Oct 6, 2022

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5659-1 - Stephane Chauveau discovered that kitty incorrectly handled image filenames with special characters in error messages. A remote attacker could possibly use this to execute arbitrary commands. This issue only affected Ubuntu 20.04 LTS. Carter Sande discovered that kitty incorrectly handled escape sequences in desktop notifications. A remote attacker could possibly use this to execute arbitrary commands. This issue only affected Ubuntu 22.04 LTS.

tags | advisory, remote, arbitrary

systems | linux, ubuntu

advisories | CVE-2020-35605, CVE-2022-41322

SHA-256 | fa57e73e3b07d36bf4ac874fef6c6c3c4b25c5e045507d22af44475c60e47b84

Download | Favorite | View

Debian Security Advisory 4819-1

Posted Dec 28, 2020

Authored by Debian | Site debian.org

Debian Linux Security Advisory 4819-1 - Stephane Chauveau discovered that the graphics protocol implementation in Kitty, a GPU-based terminal emulator, did not sanitise a filename when returning an error message, which could result in the execution of arbitrary shell commands when displaying a file with cat.

tags | advisory, arbitrary, shell, protocol

systems | linux, debian

advisories | CVE-2020-35605

SHA-256 | f6317a49d2923fe8f53b7672c8fb7c1f2edf2679a5c2d33218c92950955b63e6

Download | Favorite | View