UBUNTU-CVE-2017-16879

Source
https://ubuntu.com/security/CVE-2017-16879
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2017/UBUNTU-CVE-2017-16879.json
JSON Data
https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2017-16879
Related
Published
2017-11-22T22:29:00Z
Modified
2024-11-20T12:13:34Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
  • 7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Stack-based buffer overflow in the ncwriteentry function in tinfo/writeentry.c in ncurses 6.0 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic.

References

Affected packages

Ubuntu:Pro:14.04:LTS / ncurses

Package

Name
ncurses
Purl
pkg:deb/ubuntu/ncurses?arch=src?distro=trusty/esm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9+20140118-1ubuntu1+esm2

Affected versions

5.*

5.9+20130608-1ubuntu1
5.9+20131221-1ubuntu1
5.9+20140118-1ubuntu1
5.9+20140118-1ubuntu1+esm1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "ubuntu_priority": "negligible",
    "binaries": [
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "lib32ncurses5"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "lib32ncurses5-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "lib32ncurses5-dev"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "lib32ncurses5-dev-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "lib32ncursesw5"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "lib32ncursesw5-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "lib32ncursesw5-dev"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "lib32ncursesw5-dev-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "lib32tinfo-dev"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "lib32tinfo-dev-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "lib32tinfo5"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "lib32tinfo5-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "lib64ncurses5"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "lib64ncurses5-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "lib64ncurses5-dev"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "lib64ncurses5-dev-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "lib64tinfo5"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "lib64tinfo5-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libncurses5"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libncurses5-dbg"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libncurses5-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libncurses5-dev"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libncurses5-dev-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libncursesw5"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libncursesw5-dbg"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libncursesw5-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libncursesw5-dev"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libncursesw5-dev-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libtinfo-dev"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libtinfo-dev-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libtinfo5"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libtinfo5-dbg"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libtinfo5-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libx32ncurses5"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libx32ncurses5-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libx32ncurses5-dev"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libx32ncurses5-dev-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libx32ncursesw5"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libx32ncursesw5-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libx32ncursesw5-dev"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libx32ncursesw5-dev-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libx32tinfo-dev"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libx32tinfo-dev-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libx32tinfo5"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "libx32tinfo5-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "ncurses-base"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "ncurses-bin"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "ncurses-bin-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "ncurses-doc"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "ncurses-examples"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "ncurses-examples-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm2",
            "binary_name": "ncurses-term"
        }
    ]
}

Ubuntu:Pro:16.04:LTS / ncurses

Package

Name
ncurses
Purl
pkg:deb/ubuntu/ncurses?arch=src?distro=esm-infra/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.0+20160213-1ubuntu1+esm2

Affected versions

5.*

5.9+20150516-2ubuntu1

6.*

6.0+20151024-2ubuntu1
6.0+20151024-2ubuntu2
6.0+20160213-1ubuntu1
6.0+20160213-1ubuntu1+esm1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "ubuntu_priority": "negligible",
    "binaries": [
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "lib32ncurses5"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "lib32ncurses5-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "lib32ncurses5-dev"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "lib32ncurses5-dev-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "lib32ncursesw5"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "lib32ncursesw5-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "lib32ncursesw5-dev"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "lib32ncursesw5-dev-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "lib32tinfo-dev"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "lib32tinfo-dev-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "lib32tinfo5"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "lib32tinfo5-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "lib64ncurses5"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "lib64ncurses5-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "lib64ncurses5-dev"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "lib64ncurses5-dev-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "lib64tinfo5"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "lib64tinfo5-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libncurses5"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libncurses5-dbg"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libncurses5-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libncurses5-dev"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libncurses5-dev-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libncursesw5"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libncursesw5-dbg"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libncursesw5-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libncursesw5-dev"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libncursesw5-dev-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libtinfo-dev"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libtinfo-dev-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libtinfo5"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libtinfo5-dbg"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libtinfo5-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libx32ncurses5"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libx32ncurses5-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libx32ncurses5-dev"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libx32ncurses5-dev-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libx32ncursesw5"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libx32ncursesw5-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libx32ncursesw5-dev"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libx32ncursesw5-dev-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libx32tinfo-dev"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libx32tinfo-dev-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libx32tinfo5"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "libx32tinfo5-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "ncurses-base"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "ncurses-bin"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "ncurses-bin-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "ncurses-doc"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "ncurses-examples"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "ncurses-examples-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm2",
            "binary_name": "ncurses-term"
        }
    ]
}

Ubuntu:18.04:LTS / ncurses

Package

Name
ncurses
Purl
pkg:deb/ubuntu/ncurses?arch=src?distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.1-1ubuntu1.18.04

Affected versions

6.*

6.0+20160625-1ubuntu1
6.0+20171125-1ubuntu1
6.1-1ubuntu1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "negligible",
    "binaries": [
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "lib32ncurses5"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "lib32ncurses5-dbgsym"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "lib32ncurses5-dev"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "lib32ncursesw5"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "lib32ncursesw5-dbgsym"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "lib32ncursesw5-dev"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "lib32tinfo-dev"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "lib32tinfo5"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "lib32tinfo5-dbgsym"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "lib64ncurses5"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "lib64ncurses5-dbgsym"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "lib64ncurses5-dev"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "lib64tinfo5"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "lib64tinfo5-dbgsym"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "libncurses5"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "libncurses5-dbg"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "libncurses5-dev"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "libncursesw5"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "libncursesw5-dbg"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "libncursesw5-dev"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "libtinfo-dev"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "libtinfo5"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "libtinfo5-dbg"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "libtinfo5-udeb"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "libx32ncurses5"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "libx32ncurses5-dbgsym"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "libx32ncurses5-dev"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "libx32ncursesw5"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "libx32ncursesw5-dbgsym"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "libx32ncursesw5-dev"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "libx32tinfo-dev"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "libx32tinfo5"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "libx32tinfo5-dbgsym"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "ncurses-base"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "ncurses-bin"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "ncurses-bin-dbgsym"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "ncurses-doc"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "ncurses-examples"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "ncurses-examples-dbgsym"
        },
        {
            "binary_version": "6.1-1ubuntu1.18.04",
            "binary_name": "ncurses-term"
        }
    ]
}