Description
The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.
A flaw was found in ncurses. This vulnerability, a buffer overflow, exists within the analyze_string() function. An attacker could potentially exploit this to execute unauthorized code on the affected system, which might lead to a denial of service in the affected application, the corruption of data, or sensitive information being revealed to an attacker.
Affected packages
| Platform | Package | State | Advisory | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | ncurses | Not affected | | |
| Red Hat Enterprise Linux 7 | ncurses | Not affected | | |
| Red Hat Enterprise Linux 8 | ncurses | Not affected | | |
| Red Hat Enterprise Linux 9 | ncurses | Not affected | | |
| Red Hat OpenShift Container Platform 4 | rhcos | Not affected | | |
| Red Hat Enterprise Linux 10 | ncurses | Fixed | RHSA-2026:5913 | 26.03.2026 |
Additional information
Status:
7.3 High
CVSS3
Related vulnerabilities
ncurses v6.5 and v6.4 are vulnerable to Buffer Overflow in progs/infocmp.c, function analyze_string().
7.3 High
CVSS3