Project

General

Profile

Bug #9282

Bug #9281: ncurses: NULL Pointer Dereference in _nc_parse_entry function in tinfo/parse_entry.c. (CVE-2018-10754)

[3.8] ncurses: NULL Pointer Dereference in _nc_parse_entry function in tinfo/parse_entry.c. (CVE-2018-10754)

Added by Alicha CH 8 months ago. Updated 8 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Security
Target version:
Start date:
08/20/2018
Due date:
% Done:

100%

Estimated time:
Affected versions:
Security IDs:

Description

A flaw was found in ncurses before 6.1.20180414, there is a NULL Pointer Dereference in the _nc_parse_entry function of tinfo/parse_entry.c. It could lead to
a remote denial of service if the terminfo library code is used to process untrusted terminfo data in which a use-name is invalid syntax.

Fixed In Version:

ncurses 6.1.20180414

References:

https://nvd.nist.gov/vuln/detail/CVE-2018-10754


Related issues

Copied from Alpine Linux - Bug #9281: ncurses: NULL Pointer Dereference in _nc_parse_entry function in tinfo/parse_entry.c. (CVE-2018-10754)Closed08/20/2018

Associated revisions

Revision b01bcbc9 (diff)
Added by Natanael Copa 8 months ago

main/ncurses: upgrade to 6.1_p20180818

fixes #9282

History

#1 Updated by Alicha CH 8 months ago

  • Copied from Bug #9281: ncurses: NULL Pointer Dereference in _nc_parse_entry function in tinfo/parse_entry.c. (CVE-2018-10754) added

#2 Updated by Natanael Copa 8 months ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

#3 Updated by Alicha CH 8 months ago

  • Project changed from Alpine Security to Alpine Linux
  • Category set to Security
  • Security IDs deleted (CVE-2018-10754)

#4 Updated by Alicha CH 8 months ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF