625830 – (CVE-2017-10684, CVE-2017-10685) <sys-libs/ncurses-6.1: Multiple vulnerabilities

Bug 625830 (CVE-2017-10684, CVE-2017-10685) - <sys-libs/ncurses-6.1: Multiple vulnerabilities

Summary: <sys-libs/ncurses-6.1: Multiple vulnerabilities

Status:	RESOLVED FIXED

Alias:	CVE-2017-10684, CVE-2017-10685

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:	A1 [glsa+ cve]
Keywords:

Depends on:	CVE-2017-16879 648114
Blocks:
	Show dependency tree

Reported:	2017-07-21 08:31 UTC by Aleksandr Wagner (Kivak)
Modified:	2018-04-17 18:19 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Aleksandr Wagner (Kivak) 2017-07-21 08:31:59 UTC

CVE-2017-10684 (https://nvd.nist.gov/vuln/detail/CVE-2017-10684)

In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1464687
https://bugzilla.redhat.com/show_bug.cgi?id=1473302

Upstream patch:
https://lists.gnu.org/archive/html/bug-ncurses/2017-07/msg00001.html

Comment 1 GLSAMaker/CVETool Bot gentoo-dev

2017-10-23 17:55:21 UTC

CVE-2017-10685 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-10685):
  In ncurses 6.0, there is a format string vulnerability in the fmt_entry
  function. A crafted input will lead to a remote arbitrary code execution
  attack.

Comment 2 GLSAMaker/CVETool Bot gentoo-dev

2018-04-17 18:19:57 UTC

This issue was resolved and addressed in
 GLSA 201804-13 at https://security.gentoo.org/glsa/201804-13
by GLSA coordinator Aaron Bauman (b-man).