Your submission was sent successfully! Close

CVE-2022-29458

Published: 18 April 2022

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

Priority

Negligible

CVSS 3 base score: 7.1

Status

Package Release Status
ncurses
Launchpad, Ubuntu, Debian
bionic Needed

focal Needed

impish Needed

jammy Needed

trusty
Released (5.9+20140118-1ubuntu1+esm2)
upstream
Released (6.3-20220416)
xenial
Released (6.0+20160213-1ubuntu1+esm2)
Patches:
upstream: https://github.com/mirror/ncurses/commit/4c9f63c460cb7134f142aa65f6866c175ed77605