There is an illegal address access in the ncsavestr function in allocentry.c in ncurses 6.0. It will lead to a remote denial of service attack.
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "ubuntu_priority": "negligible", "binaries": [ { "libncurses5": "5.9+20140118-1ubuntu1+esm1", "libx32ncurses5-dev-dbgsym": "5.9+20140118-1ubuntu1+esm1", "libx32ncursesw5": "5.9+20140118-1ubuntu1+esm1", "lib32ncursesw5-dbgsym": "5.9+20140118-1ubuntu1+esm1", "libx32tinfo-dev-dbgsym": "5.9+20140118-1ubuntu1+esm1", "lib32ncurses5": "5.9+20140118-1ubuntu1+esm1", "lib32ncursesw5-dev": "5.9+20140118-1ubuntu1+esm1", "libx32ncursesw5-dev": "5.9+20140118-1ubuntu1+esm1", "libx32tinfo-dev": "5.9+20140118-1ubuntu1+esm1", "lib32tinfo5": "5.9+20140118-1ubuntu1+esm1", "libncurses5-dbg": "5.9+20140118-1ubuntu1+esm1", "lib32ncursesw5": "5.9+20140118-1ubuntu1+esm1", "lib32tinfo-dev": "5.9+20140118-1ubuntu1+esm1", "libtinfo5-dbgsym": "5.9+20140118-1ubuntu1+esm1", "ncurses-base": "5.9+20140118-1ubuntu1+esm1", "libx32tinfo5": "5.9+20140118-1ubuntu1+esm1", "libncursesw5": "5.9+20140118-1ubuntu1+esm1", "libx32ncurses5-dev": "5.9+20140118-1ubuntu1+esm1", "ncurses-bin-dbgsym": "5.9+20140118-1ubuntu1+esm1", "libncursesw5-dbg": "5.9+20140118-1ubuntu1+esm1", "libtinfo-dev-dbgsym": "5.9+20140118-1ubuntu1+esm1", "libx32tinfo5-dbgsym": "5.9+20140118-1ubuntu1+esm1", "lib64tinfo5-dbgsym": "5.9+20140118-1ubuntu1+esm1", "libncursesw5-dev": "5.9+20140118-1ubuntu1+esm1", "libncurses5-dev-dbgsym": "5.9+20140118-1ubuntu1+esm1", "lib64ncurses5-dev-dbgsym": "5.9+20140118-1ubuntu1+esm1", "libncurses5-dbgsym": "5.9+20140118-1ubuntu1+esm1", "libx32ncurses5": "5.9+20140118-1ubuntu1+esm1", "lib64ncurses5-dbgsym": "5.9+20140118-1ubuntu1+esm1", "libncurses5-dev": "5.9+20140118-1ubuntu1+esm1", "libncursesw5-dbgsym": "5.9+20140118-1ubuntu1+esm1", "lib32ncursesw5-dev-dbgsym": "5.9+20140118-1ubuntu1+esm1", "libx32ncursesw5-dbgsym": "5.9+20140118-1ubuntu1+esm1", "lib32tinfo5-dbgsym": "5.9+20140118-1ubuntu1+esm1", "ncurses-examples": "5.9+20140118-1ubuntu1+esm1", "ncurses-doc": "5.9+20140118-1ubuntu1+esm1", "ncurses-examples-dbgsym": "5.9+20140118-1ubuntu1+esm1", "lib32ncurses5-dbgsym": "5.9+20140118-1ubuntu1+esm1", "libtinfo5-dbg": "5.9+20140118-1ubuntu1+esm1", "libtinfo5": "5.9+20140118-1ubuntu1+esm1", "ncurses-term": "5.9+20140118-1ubuntu1+esm1", "lib64tinfo5": "5.9+20140118-1ubuntu1+esm1", "lib32tinfo-dev-dbgsym": "5.9+20140118-1ubuntu1+esm1", "libncursesw5-dev-dbgsym": "5.9+20140118-1ubuntu1+esm1", "ncurses-bin": "5.9+20140118-1ubuntu1+esm1", "libx32ncursesw5-dev-dbgsym": "5.9+20140118-1ubuntu1+esm1", "lib32ncurses5-dev-dbgsym": "5.9+20140118-1ubuntu1+esm1", "libtinfo-dev": "5.9+20140118-1ubuntu1+esm1", "lib64ncurses5-dev": "5.9+20140118-1ubuntu1+esm1", "lib64ncurses5": "5.9+20140118-1ubuntu1+esm1", "lib32ncurses5-dev": "5.9+20140118-1ubuntu1+esm1", "libx32ncurses5-dbgsym": "5.9+20140118-1ubuntu1+esm1" } ] }
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "ubuntu_priority": "negligible", "binaries": [ { "libncurses5": "6.0+20160213-1ubuntu1+esm1", "libx32ncurses5-dev-dbgsym": "6.0+20160213-1ubuntu1+esm1", "libx32ncursesw5": "6.0+20160213-1ubuntu1+esm1", "lib32ncursesw5-dbgsym": "6.0+20160213-1ubuntu1+esm1", "libx32tinfo-dev-dbgsym": "6.0+20160213-1ubuntu1+esm1", "lib32ncurses5": "6.0+20160213-1ubuntu1+esm1", "lib32ncursesw5-dev": "6.0+20160213-1ubuntu1+esm1", "libx32ncursesw5-dev": "6.0+20160213-1ubuntu1+esm1", "libx32tinfo-dev": "6.0+20160213-1ubuntu1+esm1", "lib32tinfo5": "6.0+20160213-1ubuntu1+esm1", "libncurses5-dbg": "6.0+20160213-1ubuntu1+esm1", "lib32ncursesw5": "6.0+20160213-1ubuntu1+esm1", "lib32tinfo-dev": "6.0+20160213-1ubuntu1+esm1", "libtinfo5-dbgsym": "6.0+20160213-1ubuntu1+esm1", "ncurses-base": "6.0+20160213-1ubuntu1+esm1", "libx32tinfo5": "6.0+20160213-1ubuntu1+esm1", "libncursesw5": "6.0+20160213-1ubuntu1+esm1", "libx32ncurses5-dev": "6.0+20160213-1ubuntu1+esm1", "ncurses-bin-dbgsym": "6.0+20160213-1ubuntu1+esm1", "libncursesw5-dbg": "6.0+20160213-1ubuntu1+esm1", "libtinfo-dev-dbgsym": "6.0+20160213-1ubuntu1+esm1", "libx32tinfo5-dbgsym": "6.0+20160213-1ubuntu1+esm1", "lib64tinfo5-dbgsym": "6.0+20160213-1ubuntu1+esm1", "libncursesw5-dev": "6.0+20160213-1ubuntu1+esm1", "libncurses5-dev-dbgsym": "6.0+20160213-1ubuntu1+esm1", "lib64ncurses5-dev-dbgsym": "6.0+20160213-1ubuntu1+esm1", "libncurses5-dbgsym": "6.0+20160213-1ubuntu1+esm1", "libx32ncurses5": "6.0+20160213-1ubuntu1+esm1", "lib64ncurses5-dbgsym": "6.0+20160213-1ubuntu1+esm1", "libncurses5-dev": "6.0+20160213-1ubuntu1+esm1", "libncursesw5-dbgsym": "6.0+20160213-1ubuntu1+esm1", "lib32ncursesw5-dev-dbgsym": "6.0+20160213-1ubuntu1+esm1", "libx32ncursesw5-dbgsym": "6.0+20160213-1ubuntu1+esm1", "lib32tinfo5-dbgsym": "6.0+20160213-1ubuntu1+esm1", "ncurses-examples": "6.0+20160213-1ubuntu1+esm1", "ncurses-doc": "6.0+20160213-1ubuntu1+esm1", "ncurses-examples-dbgsym": "6.0+20160213-1ubuntu1+esm1", "lib32ncurses5-dbgsym": "6.0+20160213-1ubuntu1+esm1", "libtinfo5-dbg": "6.0+20160213-1ubuntu1+esm1", "libtinfo5": "6.0+20160213-1ubuntu1+esm1", "ncurses-term": "6.0+20160213-1ubuntu1+esm1", "lib64tinfo5": "6.0+20160213-1ubuntu1+esm1", "lib32tinfo-dev-dbgsym": "6.0+20160213-1ubuntu1+esm1", "libncursesw5-dev-dbgsym": "6.0+20160213-1ubuntu1+esm1", "ncurses-bin": "6.0+20160213-1ubuntu1+esm1", "libx32ncursesw5-dev-dbgsym": "6.0+20160213-1ubuntu1+esm1", "lib32ncurses5-dev-dbgsym": "6.0+20160213-1ubuntu1+esm1", "libtinfo-dev": "6.0+20160213-1ubuntu1+esm1", "lib64ncurses5-dev": "6.0+20160213-1ubuntu1+esm1", "lib64ncurses5": "6.0+20160213-1ubuntu1+esm1", "lib32ncurses5-dev": "6.0+20160213-1ubuntu1+esm1", "libx32ncurses5-dbgsym": "6.0+20160213-1ubuntu1+esm1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "negligible", "binaries": [ { "libncurses5": "6.1-1ubuntu1", "libtinfo5-udeb": "6.1-1ubuntu1", "libx32ncursesw5": "6.1-1ubuntu1", "lib32ncursesw5-dbgsym": "6.1-1ubuntu1", "lib32ncurses5": "6.1-1ubuntu1", "lib32ncursesw5-dev": "6.1-1ubuntu1", "libx32ncursesw5-dev": "6.1-1ubuntu1", "libx32tinfo-dev": "6.1-1ubuntu1", "lib32tinfo5": "6.1-1ubuntu1", "libncurses5-dbg": "6.1-1ubuntu1", "lib32ncursesw5": "6.1-1ubuntu1", "lib32tinfo-dev": "6.1-1ubuntu1", "libx32tinfo5": "6.1-1ubuntu1", "ncurses-base": "6.1-1ubuntu1", "libncursesw5": "6.1-1ubuntu1", "libx32ncurses5-dev": "6.1-1ubuntu1", "ncurses-bin-dbgsym": "6.1-1ubuntu1", "libncursesw5-dbg": "6.1-1ubuntu1", "libx32tinfo5-dbgsym": "6.1-1ubuntu1", "lib64tinfo5-dbgsym": "6.1-1ubuntu1", "libncursesw5-dev": "6.1-1ubuntu1", "libx32ncurses5": "6.1-1ubuntu1", "lib64ncurses5-dbgsym": "6.1-1ubuntu1", "libncurses5-dev": "6.1-1ubuntu1", "libx32ncursesw5-dbgsym": "6.1-1ubuntu1", "lib32tinfo5-dbgsym": "6.1-1ubuntu1", "ncurses-examples": "6.1-1ubuntu1", "ncurses-doc": "6.1-1ubuntu1", "ncurses-examples-dbgsym": "6.1-1ubuntu1", "lib32ncurses5-dbgsym": "6.1-1ubuntu1", "libtinfo5-dbg": "6.1-1ubuntu1", "libtinfo5": "6.1-1ubuntu1", "ncurses-term": "6.1-1ubuntu1", "lib64tinfo5": "6.1-1ubuntu1", "ncurses-bin": "6.1-1ubuntu1", "libtinfo-dev": "6.1-1ubuntu1", "lib64ncurses5-dev": "6.1-1ubuntu1", "lib64ncurses5": "6.1-1ubuntu1", "lib32ncurses5-dev": "6.1-1ubuntu1", "libx32ncurses5-dbgsym": "6.1-1ubuntu1" } ] }