Acknowledged
Created: Nov 10, 2022
Updated: Nov 14, 2022
Found In Version: 10.19.45.1
Severity: Standard
Applicable for: Wind River Linux LTS 19
Component/s: Userspace
xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are not allowed in the xterm default configurations of some Linux distributions.
CREATE(Triage):(User=admin) CVE-2022-45063 (https://nvd.nist.gov/vuln/detail/CVE-2022-45063)