CVE-2023-29491 – ncurses: Local users can trigger security-relevant memory corruption via malformed data
https://notcve.org/view.php?id=CVE-2023-29491
ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable. A vulnerability was found in ncurses and occurs when used by a setuid application. This flaw allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable. • http://ncurses.scripts.mit.edu/?p=ncurses.git%3Ba=commit%3Bh=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56 http://www.openwall.com/lists/oss-security/2023/04/19/10 http://www.openwall.com/lists/oss-security/2023/04/19/11 https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT https://security.netapp.com/advisory/ntap-20230517-0009 https://support.apple.com/kb/HT213843 https • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2022-29458
https://notcve.org/view.php?id=CVE-2022-29458
ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. ncurses versiones 6.3 anteriores al parche 20220416, presentan una lectura fuera de límites y una violación de segmentación en el archivo convert_strings en tinfo/read_entry.c en la biblioteca terminfo • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html https://support.apple.com/kb/HT213488 • CWE-125: Out-of-bounds Read •
CVE-2021-39537
https://notcve.org/view.php?id=CVE-2021-39537
An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. Se ha detectado un problema en ncurses versiones hasta v6.2-1. La función _nc_captoinfo en el archivo captoinfo.c presenta un desbordamiento de búfer en la región heap de la memoria • http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 http://seclists.org/fulldisclosure/2022/Oct/43 http://seclists.org/fulldisclosure/2022/Oct/45 https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html https://lists.gnu • CWE-787: Out-of-bounds Write •
CVE-2019-17594 – ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c
https://notcve.org/view.php?id=CVE-2019-17594
There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Hay una sobrelectura de búfer basada en memoria dinámica (heap) en la función _nc_find_entry en tinfo/comp_hash.c la biblioteca terminfo en ncurses en versiones anteriores a la 6.1-20191012. • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00017.html https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html https://security.gentoo.org/glsa/202101-28 https://access.redhat.com/security/cve/CVE-2019-17594 https://bugzilla.redhat.com/show_bug.cgi?id=1766745 • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVE-2019-17595 – ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c
https://notcve.org/view.php?id=CVE-2019-17595
There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Hay una sobrelectura de búfer basada en memoria dinámica (heap) en la función fmt_entry en tinfo/comp_hash.c en la biblioteca terminfo en ncurses en versiones anteriores a la 6.1-20191012. • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html https://security.gentoo.org/glsa/202101-28 https://access.redhat.com/security/cve/CVE-2019-17595 https://bugzilla.redhat.com/show_bug.cgi?id=1766617 • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •