CVE-2017-11113

Published: 7/8/2017 Last updated: 8/5/2024 Reserved: 7/8/2017

In ncurses 6.0, there is a NULL Pointer Dereference in the _nc_parse_entry function of tinfo/parse_entry.c. It could lead to a remote denial of service attack if the terminfo library code is used to process untrusted terminfo data.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (6)

bap-llvm clangml conf-mingw-w64-ncurses-i686 conf-mingw-w64-ncurses-x86_64 conf-ncurses curses

Products affected (1)

Product	Vendor	Version
n/a	n/a	Snapdragon 460 Mobile Platform

References (4)

https://security.gentoo.org/glsa/201804-13
https://bugzilla.redhat.com/show_bug.cgi?id=1464691
https://security.gentoo.org/glsa/201804-13
https://bugzilla.redhat.com/show_bug.cgi?id=1464691