CVE-2023-29491

CWE-787 — Out-of-bounds Write12 documents10 sources

Severity

7.8HIGH

EPSS

0.1%

top 80.41%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

GNU Ncurses

Timeline

PublishedApr 14

Latest updateOct 15

Description

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶NVDgnu/ncurses< 6.4

▶Debianncurses< 6.2+20201114-2+deb11u2+3

Patches

Patch: www.openwall.com ↗Patch: www.openwall.com ↗Patch: www.openwall.com ↗

🔴Vulnerability Details

GHSA

GHSA-vh2x-5rx6-qqhv: ncurses before 6↗2023-04-14

▶

OSV

CVE-2023-29491: ncurses before 6↗2023-04-14

▶

CVEList

CVE-2023-29491: ncurses before 6↗2023-04-14

▶

📋Vendor Advisories

Oracle

Oracle Oracle Communications Risk Matrix: Install/Upgrade (NCURSES) — CVE-2023-29491↗2023-10-15

▶

Apple

CVE-2023-29491: macOS Big Sur 11.7.9↗2023-07-24

▶

Apple

CVE-2023-29491: macOS Monterey 12.6.8↗2023-07-24

▶

Apple

CVE-2023-29491: macOS Ventura 13.5↗2023-07-24

▶

Ubuntu

ncurses vulnerabilities↗2023-05-23

▶