ncurses: segfaulting OOB read

A segmentation fault vulnerability was found in ncurses's convertstrings function of tinfo/readentry.c file. This flaw occurs due to corrupted terminfo data, triggering an out-of-bounds read error...

SUSE CVE-2022-29458

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convertstrings in tinfo/readentry.c in the terminfo library...

The vulnerability in the `convert_strings` function of the `tinfo/read_entry.c` component in the input/output library for the Ncurses terminal control module allows a hacker to access confidential data and also trigger a service denial.

The vulnerability of the convertstrings function in the tinfo/readentry.c component of the input/output library for the Ncurses terminal control module is related to reading data beyond the allowed buffer limits. Exploiting this vulnerability allows an attacker to access confidential data and als...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the convertstrings function in tinfo/readentry.c, which allows attackers to crash the service when processing corrupt terminfo data. Remediation Upgrade ncurses to version 6.3 or higher. References - GitHub Commit ...

OESA-2022-1635 ncurses security update

The ncurses new curses library is a free software emulation of curses in System V Release 4.0 SVr4, and more. It uses terminfo format, supports pads and color and multiple highlights and forms characters and function-key mapping, and has all the other SVr4-curses enhancements over BSD curses. SVr...

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

...

AZL-9497 CVE-2022-29458 affecting package ncurses for versions less than 6.3-2

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convertstrings in tinfo/readentry.c in the terminfo library...