In ncurses 6.1, there is a NULL pointer dereference at function ncparseentry in parseentry.c that will lead to a denial of service attack. The product proceeds to the dereference code path even after a "dubious character `*' in name or alias field" detection.
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "ubuntu_priority": "low", "binaries": [ { "libncurses5": "5.9+20140118-1ubuntu1+esm2", "libx32ncurses5-dev-dbgsym": "5.9+20140118-1ubuntu1+esm2", "libx32ncursesw5": "5.9+20140118-1ubuntu1+esm2", "lib32ncursesw5-dbgsym": "5.9+20140118-1ubuntu1+esm2", "libx32tinfo-dev-dbgsym": "5.9+20140118-1ubuntu1+esm2", "lib32ncurses5": "5.9+20140118-1ubuntu1+esm2", "lib32ncursesw5-dev": "5.9+20140118-1ubuntu1+esm2", "libx32ncursesw5-dev": "5.9+20140118-1ubuntu1+esm2", "libx32tinfo-dev": "5.9+20140118-1ubuntu1+esm2", "lib32tinfo5": "5.9+20140118-1ubuntu1+esm2", "libncurses5-dbg": "5.9+20140118-1ubuntu1+esm2", "lib32ncursesw5": "5.9+20140118-1ubuntu1+esm2", "lib32tinfo-dev": "5.9+20140118-1ubuntu1+esm2", "libtinfo5-dbgsym": "5.9+20140118-1ubuntu1+esm2", "ncurses-base": "5.9+20140118-1ubuntu1+esm2", "libx32tinfo5": "5.9+20140118-1ubuntu1+esm2", "libncursesw5": "5.9+20140118-1ubuntu1+esm2", "libx32ncurses5-dev": "5.9+20140118-1ubuntu1+esm2", "ncurses-bin-dbgsym": "5.9+20140118-1ubuntu1+esm2", "libncursesw5-dbg": "5.9+20140118-1ubuntu1+esm2", "libtinfo-dev-dbgsym": "5.9+20140118-1ubuntu1+esm2", "libx32tinfo5-dbgsym": "5.9+20140118-1ubuntu1+esm2", "lib64tinfo5-dbgsym": "5.9+20140118-1ubuntu1+esm2", "libncursesw5-dev": "5.9+20140118-1ubuntu1+esm2", "libncurses5-dev-dbgsym": "5.9+20140118-1ubuntu1+esm2", "lib64ncurses5-dev-dbgsym": "5.9+20140118-1ubuntu1+esm2", "libncurses5-dbgsym": "5.9+20140118-1ubuntu1+esm2", "libx32ncurses5": "5.9+20140118-1ubuntu1+esm2", "lib64ncurses5-dbgsym": "5.9+20140118-1ubuntu1+esm2", "libncurses5-dev": "5.9+20140118-1ubuntu1+esm2", "libncursesw5-dbgsym": "5.9+20140118-1ubuntu1+esm2", "lib32ncursesw5-dev-dbgsym": "5.9+20140118-1ubuntu1+esm2", "libx32ncursesw5-dbgsym": "5.9+20140118-1ubuntu1+esm2", "lib32tinfo5-dbgsym": "5.9+20140118-1ubuntu1+esm2", "ncurses-examples": "5.9+20140118-1ubuntu1+esm2", "ncurses-doc": "5.9+20140118-1ubuntu1+esm2", "ncurses-examples-dbgsym": "5.9+20140118-1ubuntu1+esm2", "lib32ncurses5-dbgsym": "5.9+20140118-1ubuntu1+esm2", "libtinfo5-dbg": "5.9+20140118-1ubuntu1+esm2", "libtinfo5": "5.9+20140118-1ubuntu1+esm2", "ncurses-term": "5.9+20140118-1ubuntu1+esm2", "lib64tinfo5": "5.9+20140118-1ubuntu1+esm2", "lib32tinfo-dev-dbgsym": "5.9+20140118-1ubuntu1+esm2", "libncursesw5-dev-dbgsym": "5.9+20140118-1ubuntu1+esm2", "ncurses-bin": "5.9+20140118-1ubuntu1+esm2", "libx32ncursesw5-dev-dbgsym": "5.9+20140118-1ubuntu1+esm2", "lib32ncurses5-dev-dbgsym": "5.9+20140118-1ubuntu1+esm2", "libtinfo-dev": "5.9+20140118-1ubuntu1+esm2", "lib64ncurses5-dev": "5.9+20140118-1ubuntu1+esm2", "lib64ncurses5": "5.9+20140118-1ubuntu1+esm2", "lib32ncurses5-dev": "5.9+20140118-1ubuntu1+esm2", "libx32ncurses5-dbgsym": "5.9+20140118-1ubuntu1+esm2" } ] }
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "ubuntu_priority": "low", "binaries": [ { "libncurses5": "6.0+20160213-1ubuntu1+esm2", "libx32ncurses5-dev-dbgsym": "6.0+20160213-1ubuntu1+esm2", "libx32ncursesw5": "6.0+20160213-1ubuntu1+esm2", "lib32ncursesw5-dbgsym": "6.0+20160213-1ubuntu1+esm2", "libx32tinfo-dev-dbgsym": "6.0+20160213-1ubuntu1+esm2", "lib32ncurses5": "6.0+20160213-1ubuntu1+esm2", "lib32ncursesw5-dev": "6.0+20160213-1ubuntu1+esm2", "libx32ncursesw5-dev": "6.0+20160213-1ubuntu1+esm2", "libx32tinfo-dev": "6.0+20160213-1ubuntu1+esm2", "lib32tinfo5": "6.0+20160213-1ubuntu1+esm2", "libncurses5-dbg": "6.0+20160213-1ubuntu1+esm2", "lib32ncursesw5": "6.0+20160213-1ubuntu1+esm2", "lib32tinfo-dev": "6.0+20160213-1ubuntu1+esm2", "libtinfo5-dbgsym": "6.0+20160213-1ubuntu1+esm2", "ncurses-base": "6.0+20160213-1ubuntu1+esm2", "libx32tinfo5": "6.0+20160213-1ubuntu1+esm2", "libncursesw5": "6.0+20160213-1ubuntu1+esm2", "libx32ncurses5-dev": "6.0+20160213-1ubuntu1+esm2", "ncurses-bin-dbgsym": "6.0+20160213-1ubuntu1+esm2", "libncursesw5-dbg": "6.0+20160213-1ubuntu1+esm2", "libtinfo-dev-dbgsym": "6.0+20160213-1ubuntu1+esm2", "libx32tinfo5-dbgsym": "6.0+20160213-1ubuntu1+esm2", "lib64tinfo5-dbgsym": "6.0+20160213-1ubuntu1+esm2", "libncursesw5-dev": "6.0+20160213-1ubuntu1+esm2", "libncurses5-dev-dbgsym": "6.0+20160213-1ubuntu1+esm2", "lib64ncurses5-dev-dbgsym": "6.0+20160213-1ubuntu1+esm2", "libncurses5-dbgsym": "6.0+20160213-1ubuntu1+esm2", "libx32ncurses5": "6.0+20160213-1ubuntu1+esm2", "lib64ncurses5-dbgsym": "6.0+20160213-1ubuntu1+esm2", "libncurses5-dev": "6.0+20160213-1ubuntu1+esm2", "libncursesw5-dbgsym": "6.0+20160213-1ubuntu1+esm2", "lib32ncursesw5-dev-dbgsym": "6.0+20160213-1ubuntu1+esm2", "libx32ncursesw5-dbgsym": "6.0+20160213-1ubuntu1+esm2", "lib32tinfo5-dbgsym": "6.0+20160213-1ubuntu1+esm2", "ncurses-examples": "6.0+20160213-1ubuntu1+esm2", "ncurses-doc": "6.0+20160213-1ubuntu1+esm2", "ncurses-examples-dbgsym": "6.0+20160213-1ubuntu1+esm2", "lib32ncurses5-dbgsym": "6.0+20160213-1ubuntu1+esm2", "libtinfo5-dbg": "6.0+20160213-1ubuntu1+esm2", "libtinfo5": "6.0+20160213-1ubuntu1+esm2", "ncurses-term": "6.0+20160213-1ubuntu1+esm2", "lib64tinfo5": "6.0+20160213-1ubuntu1+esm2", "lib32tinfo-dev-dbgsym": "6.0+20160213-1ubuntu1+esm2", "libncursesw5-dev-dbgsym": "6.0+20160213-1ubuntu1+esm2", "ncurses-bin": "6.0+20160213-1ubuntu1+esm2", "libx32ncursesw5-dev-dbgsym": "6.0+20160213-1ubuntu1+esm2", "lib32ncurses5-dev-dbgsym": "6.0+20160213-1ubuntu1+esm2", "libtinfo-dev": "6.0+20160213-1ubuntu1+esm2", "lib64ncurses5-dev": "6.0+20160213-1ubuntu1+esm2", "lib64ncurses5": "6.0+20160213-1ubuntu1+esm2", "lib32ncurses5-dev": "6.0+20160213-1ubuntu1+esm2", "libx32ncurses5-dbgsym": "6.0+20160213-1ubuntu1+esm2" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "libncurses5": "6.1-1ubuntu1.18.04", "libtinfo5-udeb": "6.1-1ubuntu1.18.04", "libx32ncursesw5": "6.1-1ubuntu1.18.04", "lib32ncursesw5-dbgsym": "6.1-1ubuntu1.18.04", "lib32ncurses5": "6.1-1ubuntu1.18.04", "lib32ncursesw5-dev": "6.1-1ubuntu1.18.04", "libx32ncursesw5-dev": "6.1-1ubuntu1.18.04", "libx32tinfo-dev": "6.1-1ubuntu1.18.04", "lib32tinfo5": "6.1-1ubuntu1.18.04", "libncurses5-dbg": "6.1-1ubuntu1.18.04", "lib32ncursesw5": "6.1-1ubuntu1.18.04", "lib32tinfo-dev": "6.1-1ubuntu1.18.04", "libx32tinfo5": "6.1-1ubuntu1.18.04", "ncurses-base": "6.1-1ubuntu1.18.04", "libncursesw5": "6.1-1ubuntu1.18.04", "libx32ncurses5-dev": "6.1-1ubuntu1.18.04", "ncurses-bin-dbgsym": "6.1-1ubuntu1.18.04", "libncursesw5-dbg": "6.1-1ubuntu1.18.04", "libx32tinfo5-dbgsym": "6.1-1ubuntu1.18.04", "lib64tinfo5-dbgsym": "6.1-1ubuntu1.18.04", "libncursesw5-dev": "6.1-1ubuntu1.18.04", "libx32ncurses5": "6.1-1ubuntu1.18.04", "lib64ncurses5-dbgsym": "6.1-1ubuntu1.18.04", "libncurses5-dev": "6.1-1ubuntu1.18.04", "libx32ncursesw5-dbgsym": "6.1-1ubuntu1.18.04", "lib32tinfo5-dbgsym": "6.1-1ubuntu1.18.04", "ncurses-examples": "6.1-1ubuntu1.18.04", "ncurses-doc": "6.1-1ubuntu1.18.04", "ncurses-examples-dbgsym": "6.1-1ubuntu1.18.04", "lib32ncurses5-dbgsym": "6.1-1ubuntu1.18.04", "libtinfo5-dbg": "6.1-1ubuntu1.18.04", "libtinfo5": "6.1-1ubuntu1.18.04", "ncurses-term": "6.1-1ubuntu1.18.04", "lib64tinfo5": "6.1-1ubuntu1.18.04", "ncurses-bin": "6.1-1ubuntu1.18.04", "libtinfo-dev": "6.1-1ubuntu1.18.04", "lib64ncurses5-dev": "6.1-1ubuntu1.18.04", "lib64ncurses5": "6.1-1ubuntu1.18.04", "lib32ncurses5-dev": "6.1-1ubuntu1.18.04", "libx32ncurses5-dbgsym": "6.1-1ubuntu1.18.04" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "libncurses5": "6.2-0ubuntu2", "lib32ncurses-dev": "6.2-0ubuntu2", "libncursesw6-dbgsym": "6.2-0ubuntu2", "lib32ncurses6": "6.2-0ubuntu2", "libncurses-dev": "6.2-0ubuntu2", "lib64tinfo6-dbgsym": "6.2-0ubuntu2", "libncurses6-dbgsym": "6.2-0ubuntu2", "libncurses6": "6.2-0ubuntu2", "ncurses-bin-dbgsym": "6.2-0ubuntu2", "lib64ncurses6-dbgsym": "6.2-0ubuntu2", "libncursesw5": "6.2-0ubuntu2", "libtinfo5-dbgsym": "6.2-0ubuntu2", "ncurses-base": "6.2-0ubuntu2", "libtinfo6": "6.2-0ubuntu2", "lib64tinfo6": "6.2-0ubuntu2", "lib64ncursesw6": "6.2-0ubuntu2", "lib32ncursesw6-dbgsym": "6.2-0ubuntu2", "libncursesw5-dev": "6.2-0ubuntu2", "libncurses5-dbgsym": "6.2-0ubuntu2", "libtinfo6-udeb": "6.2-0ubuntu2", "lib32ncurses6-dbgsym": "6.2-0ubuntu2", "libncurses5-dev": "6.2-0ubuntu2", "libncursesw5-dbgsym": "6.2-0ubuntu2", "ncurses-examples": "6.2-0ubuntu2", "ncurses-doc": "6.2-0ubuntu2", "ncurses-examples-dbgsym": "6.2-0ubuntu2", "lib32tinfo6": "6.2-0ubuntu2", "lib64ncurses-dev": "6.2-0ubuntu2", "lib64ncurses6": "6.2-0ubuntu2", "ncurses-term": "6.2-0ubuntu2", "libtinfo5": "6.2-0ubuntu2", "libncursesw6": "6.2-0ubuntu2", "ncurses-bin": "6.2-0ubuntu2", "libtinfo-dev": "6.2-0ubuntu2", "libtinfo6-dbgsym": "6.2-0ubuntu2", "lib64ncursesw6-dbgsym": "6.2-0ubuntu2", "lib32ncursesw6": "6.2-0ubuntu2", "lib32tinfo6-dbgsym": "6.2-0ubuntu2" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "libncurses5": "6.3-2", "lib32ncurses-dev": "6.3-2", "libncursesw6-dbgsym": "6.3-2", "lib32ncurses6": "6.3-2", "libncurses-dev": "6.3-2", "lib64tinfo6-dbgsym": "6.3-2", "libncurses6-dbgsym": "6.3-2", "libncurses6": "6.3-2", "ncurses-bin-dbgsym": "6.3-2", "lib64ncurses6-dbgsym": "6.3-2", "libncursesw5": "6.3-2", "libtinfo5-dbgsym": "6.3-2", "ncurses-base": "6.3-2", "libtinfo6": "6.3-2", "lib64tinfo6": "6.3-2", "lib64ncursesw6": "6.3-2", "lib32ncursesw6-dbgsym": "6.3-2", "libncursesw5-dev": "6.3-2", "libncurses5-dbgsym": "6.3-2", "lib32ncurses6-dbgsym": "6.3-2", "libncurses5-dev": "6.3-2", "libncursesw5-dbgsym": "6.3-2", "ncurses-examples": "6.3-2", "ncurses-doc": "6.3-2", "ncurses-examples-dbgsym": "6.3-2", "lib32tinfo6": "6.3-2", "lib64ncurses-dev": "6.3-2", "lib64ncurses6": "6.3-2", "libtinfo5": "6.3-2", "ncurses-term": "6.3-2", "libncursesw6": "6.3-2", "ncurses-bin": "6.3-2", "libtinfo-dev": "6.3-2", "libtinfo6-dbgsym": "6.3-2", "lib64ncursesw6-dbgsym": "6.3-2", "lib32ncursesw6": "6.3-2", "lib32tinfo6-dbgsym": "6.3-2" } ] }