712128 – (CVE-2020-5254) <games-roguelike/nethack-3.6.6: exploitable out-of-bound values (CVE-2020-5254)

Bug 712128 (CVE-2020-5254) - <games-roguelike/nethack-3.6.6: exploitable out-of-bound values (CVE-2020-5254)

Summary: <games-roguelike/nethack-3.6.6: exploitable out-of-bound values (CVE-2020-5254)

Status:	RESOLVED FIXED

Alias:	CVE-2020-5254

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal trivial (vote)
Assignee:	Gentoo Security

URL:	https://nethack.org/security/CVE-2020...
Whiteboard:	~2 [noglsa cve]
Keywords:

Depends on:
Blocks:

Reported:	2020-03-11 08:21 UTC by filip ambroz
Modified:	2020-04-07 22:54 UTC (History)
CC List:	1 user (show)

See Also:	CVE-2020-5209, CVE-2020-5210, CVE-2020-5211, CVE-2020-5212, CVE-2020-5213, CVE-2020-5214
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description filip ambroz 2020-03-11 08:21:35 UTC

Some out-of-bound values for the hilite_status option can be exploited.
This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files. 

References:
https://github.com/NetHack/NetHack/security/advisories/GHSA-2ch6-6r8h-m2p9
https://github.com/dpmdpm2/CVE-2020-5254
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5254
https://nvd.nist.gov/vuln/detail/CVE-2020-5254
https://security-tracker.debian.org/tracker/CVE-2020-5254
https://bugzilla.redhat.com/show_bug.cgi?id=1812229

Solution: upgrade to 3.6.6

Comment 1 Sam James archtester

2020-03-30 15:04:23 UTC

3.6.6 addition: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=99ac822df309e7805ae6c557055f79a3532d06f4

cleanup: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ac2c30327e98c5d15c0fa0e94d11a6cabd997683

Closing because noglsa and tree is clean.