CVE-2017-11112

Published: 7/8/2017 Last updated: 8/5/2024 Reserved: 7/8/2017

In ncurses 6.0, there is an attempted 0xffffffffffffffff access in the append_acs function of tinfo/parse_entry.c. It could lead to a remote denial of service attack if the terminfo library code is used to process untrusted terminfo data.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (6)

bap-llvm clangml conf-mingw-w64-ncurses-i686 conf-mingw-w64-ncurses-x86_64 conf-ncurses curses

Products affected (1)

Product	Vendor	Version
n/a	n/a	< 9dfc15a10dfd44f8ff7f27488651cb5be6af83c2

References (4)

https://security.gentoo.org/glsa/201804-13
https://bugzilla.redhat.com/show_bug.cgi?id=1464686
https://security.gentoo.org/glsa/201804-13
https://bugzilla.redhat.com/show_bug.cgi?id=1464686