REDHAT-BUG-2191704
First published: Fri Apr 28 2023(Updated: )
ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable. <a href="https://www.openwall.com/lists/oss-security/2023/04/13/4">https://www.openwall.com/lists/oss-security/2023/04/13/4</a> <a href="https://www.openwall.com/lists/oss-security/2023/04/12/5">https://www.openwall.com/lists/oss-security/2023/04/12/5</a> <a href="http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56">http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56</a> <a href="http://www.openwall.com/lists/oss-security/2023/04/19/10">http://www.openwall.com/lists/oss-security/2023/04/19/10</a> <a href="http://www.openwall.com/lists/oss-security/2023/04/19/11">http://www.openwall.com/lists/oss-security/2023/04/19/11</a>
| Affected Software | Affected Version | How to fix |
|---|---|---|
| CentOS Ncurses | <6.4 20230408 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.openwall.com/lists/oss-security/2023/04/13/4
- https://www.openwall.com/lists/oss-security/2023/04/12/5
- http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56
- http://www.openwall.com/lists/oss-security/2023/04/19/10
- http://www.openwall.com/lists/oss-security/2023/04/19/11
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2186313
- https://access.redhat.com/errata/RHSA-2023:5249
- https://catalog.redhat.com/software/containers/ubi8/openjdk-17/618bdbf34ae3739687568813?tag=1.16-2&push_date=1690216094000
- https://catalog.redhat.com/software/containers/ubi8/openjdk-8-runtime/6048ed07dbb14c0b8248bdc4?tag=1.16-2&push_date=1690216094000
- https://access.redhat.com/errata/RHSA-2023:6698
- https://access.redhat.com/errata/RHSA-2023:7361
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2257956
- https://access.redhat.com/errata/RHSA-2024:0416
- https://bugzilla.redhat.com/show_bug.cgi?id=2191704
Frequently Asked Questions
What is the severity of REDHAT-BUG-2191704?
The severity of REDHAT-BUG-2191704 is critical due to its potential for local users to trigger security-relevant memory corruption.
How do I fix REDHAT-BUG-2191704?
To fix REDHAT-BUG-2191704, update the ncurses package to version 6.4 20230408 or later.
Who is affected by REDHAT-BUG-2191704?
Local users running setuid applications that utilize ncurses prior to version 6.4 20230408 are affected by REDHAT-BUG-2191704.
What causes the vulnerability REDHAT-BUG-2191704?
REDHAT-BUG-2191704 is caused by malformed data in a terminfo database file that can lead to security-relevant memory corruption.
What versions of ncurses are affected by REDHAT-BUG-2191704?
Versions of ncurses before 6.4 20230408 are affected by REDHAT-BUG-2191704.
- agent/references
- agent/severity
- agent/description
- agent/type
- agent/first-publish-date
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-29491
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/gnu
- canonical/centos ncurses