Unrated severityNVD Advisory· Published Nov 12, 2018· Updated Aug 5, 2024
CVE-2018-19211
CVE-2018-19211
Description
In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack. The product proceeds to the dereference code path even after a "dubious character `*' in name or alias field" detection.
Affected products
11- osv-coords11 versionspkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4
< 5.9-61.1+ 10 more
- (no CPE)range: < 5.9-61.1
- (no CPE)range: < 5.9-61.1
- (no CPE)range: < 6.1-5.3.1
- (no CPE)range: < 6.1-5.3.1
- (no CPE)range: < 6.1-5.3.1
- (no CPE)range: < 5.9-61.1
- (no CPE)range: < 5.9-61.1
- (no CPE)range: < 5.9-61.1
- (no CPE)range: < 5.9-61.1
- (no CPE)range: < 5.9-61.1
- (no CPE)range: < 5.9-61.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- bugzilla.redhat.com/show_bug.cgimitrex_refsource_MISC
News mentions
0No linked articles in our index yet.