Описание
There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| ncurses | fixed | 6.0+20170827-1 | package | |
| ncurses | fixed | 6.0+20161126-1+deb9u1 | stretch | package |
| ncurses | fixed | 5.9+20140913-1+deb8u1 | jessie | package |
| ncurses | ignored | wheezy | package |
Примечания
https://bugzilla.redhat.com/show_bug.cgi?id=1484274
Связанные уязвимости
There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack.
There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack.
There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack.
There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack.
