Lucene search
GoogleOSV:GHSA-G7R5-X7CR-VM3VHistoryAug 25, 2021 - 8:58 p.m.
Buffer overflow and format vulnerabilities in ncurses
2021-08-2520:58:29
Google
osv.dev
8
ncurses exposes functions from the ncurses library which:
- Pass buffers without length to C functions that may write an arbitrary amount of data, leading to a buffer overflow. (instr, mvwinstr, etc)
- Passes rust &str to strings expecting C format arguments, allowing hostile input to execute a format string attack, which trivially allows writing arbitrary data to stack memory (functions in the printw family).
Related
rustsec
rustsec
osv
osv
Mishandling of format strings in ncurses
2021-08-25 20:58:47
rosalinux
rosalinux
Advisory ROSA-SA-2021-1927
2021-07-02 17:32:26
debiancve
debiancve
CVE-2019-15548
2019-08-26 18:15:00
CVE-2019-15547
2019-08-26 18:15:00
cvelist
cvelist
CVE-2019-15548
2019-08-26 17:02:16
CVE-2019-15547
2019-08-26 17:05:33
cve
cve
CVE-2019-15547
2019-08-26 18:15:12
CVE-2019-15548
2019-08-26 18:15:12
prion
prion
Format string
2019-08-26 18:15:00
Buffer overflow
2019-08-26 18:15:00
github
github
Mishandling of format strings in ncurses
2021-08-25 20:58:47
Buffer overflow and format vulnerabilities in ncurses
2021-08-25 20:58:29
ubuntucve
ubuntucve
CVE-2019-15547
2019-08-26 00:00:00
CVE-2019-15548
2019-08-26 00:00:00
nvd
nvd
CVE-2019-15547
2019-08-26 18:15:12
CVE-2019-15548
2019-08-26 18:15:12