SB2023121144 - Multiple vulnerabilities in ncurses
Published: December 11, 2023
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 5 secuirty vulnerabilities.
1) Out-of-bounds write (CVE-ID: CVE-2020-19185)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error within the one_one_mapping() function in progs/dump_entry.c. A remote attacker can send a specially crafted command to the application, trigger an out-of-bounds write and execute arbitrary code on the target system.
2) Out-of-bounds write (CVE-ID: CVE-2020-19186)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error within the _nc_find_entry() function in tinfo/comp_hash.c. A remote attacker can send a specially crafted command to the application, trigger an out-of-bounds write and execute arbitrary code on the target system.
3) Out-of-bounds write (CVE-ID: CVE-2020-19187)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error within the fmt_entry() function in progs/dump_entry.c. A remote attacker can send a specially crafted command to the application, trigger an out-of-bounds write and execute arbitrary code on the target system.
4) Out-of-bounds write (CVE-ID: CVE-2020-19188)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error within the fmt_entry() function in progs/dump_entry.c. A remote attacker can send a specially crafted command to the application, trigger an out-of-bounds write and execute arbitrary code on the target system.
5) Out-of-bounds write (CVE-ID: CVE-2020-19190)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error within the _nc_find_entry() function in tinfo/comp_hash.c. A remote attacker can send a specially crafted command to the application, trigger an out-of-bounds write and execute arbitrary code on the target system.
Remediation
Install update from vendor's website.
References
- https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc1.md
- https://security.netapp.com/advisory/ntap-20231006-0005/
- https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc2.md
- https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc3.md
- https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc4.md
- https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc6.md