In ncurses 6.0, there is a NULL Pointer Dereference in the _nc_parse_entry function of tinfo/parse_entry.c. It could lead to a remote denial of service attack if the terminfo library code is used to process untrusted terminfo data.
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ncurses | Gnu | 6.0 (including) | 6.0 (including) |
Ncurses | Ubuntu | artful | * |
Ncurses | Ubuntu | esm-infra/xenial | * |
Ncurses | Ubuntu | precise/esm | * |
Ncurses | Ubuntu | trusty | * |
Ncurses | Ubuntu | trusty/esm | * |
Ncurses | Ubuntu | upstream | * |
Ncurses | Ubuntu | vivid/ubuntu-core | * |
Ncurses | Ubuntu | xenial | * |
Ncurses | Ubuntu | yakkety | * |
Ncurses | Ubuntu | zesty | * |