logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2020-5212

Description

In NetHack before 3.6.5, an extremely long value for the MENUCOLOR configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files. Users should upgrade to NetHack 3.6.5. #### Notes Author| Note ---|--- [msalvatore](<https://launchpad.net/~msalvatore>) | Nethack is installed sgid games, but not suid or sgid root.


Affected Package


OS OS Version Package Name Package Version
ubuntu 20.04 nethack any
ubuntu upstream nethack 3.6.5

Related