Wind River Support Network

HomeDefectsLIN9-5253

Fixed

LIN9-5253 : Security Advisory - ncurses - CVE-2017-13728

Created: Sep 14, 2017 Updated: Dec 3, 2018

Resolved Date: Apr 10, 2018

Found In Version: 9.0.0.10

Fix Version: 9.0.0.16

Severity: Standard

Applicable for: Wind River Linux 9

Component/s: Userspace

Description

There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack.

https://nvd.nist.gov/vuln/detail/CVE-2017-13728

Other Downloads

Wind River Linux 9.0.0.16
Wind River Linux 9.0.0.17
Wind River Linux 9.0.0.18
Wind River Linux 9.0.0.19
Wind River Linux 9.0.0.20
Wind River Linux 9.0.0.21
Wind River Linux 9.0.0.22
Wind River Linux 9.0.0.23
Wind River Linux 9.0.0.24
Wind River Linux 9.0.0.25
Wind River Linux 9.0.0.26

CVEs

CVE-2017-13728