Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Ubuntu 18.04 LTS: USN-6451-1 Critical: ncurses DoS Threat

ubuntu
Calendar Grey October 24, 2023
Dist Ubuntu Esm H88
Make sure you upgrade your Ubuntu installations to resolve the ncurses vulnerability, which has the potential to cause system instability and interruptions in service.
ncurses could be made to crash if it opened a specially crafted file.

Summary

ncurses could be made to crash if it opened a specially crafted

file.

Software Description:

- ncurses: shared libraries for terminal handling

Details:

It was discovered that ncurses could be made to read out of bounds.

An attacker could possibly use this issue to cause a denial of service.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
   lib32ncurses5                   6.1-1ubuntu1.18.04.1+esm1
   lib32ncursesw5                  6.1-1ubuntu1.18.04.1+esm1
   lib32tinfo5                     6.1-1ubuntu1.18.04.1+esm1
   lib64ncurses5                   6.1-1ubuntu1.18.04.1+esm1
   lib64tinfo5                     6.1-1ubuntu1.18.04.1+esm1
   libncurses5                     6.1-1ubuntu1.18.04.1+esm1
   libncursesw5                    6.1-1ubuntu1.18.04.1+esm1
   libtinfo5                       6.1-1ubuntu1.18.04.1+esm1
   libx32ncurses5                  6.1-1ubuntu1.18.04.1+esm1
   libx32ncursesw5                 6.1-1ubuntu1.18.04.1+esm1
   libx32tinfo5                    6.1-1ubuntu1.18.04.1+esm1
   ncurses-bin                     6.1-1ubuntu1.18.04.1+esm1

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
   lib32ncurses5                   6.0+20160213-1ubuntu1+esm4
   lib32ncursesw5                  6.0+20160213-1ubuntu1+esm4
   lib32tinfo5                     6.0+20160213-1ubuntu1+esm4
   lib64ncurses5                   6.0+20160213-1ubuntu1+esm4
   lib64tinfo5                     6.0+20160213-1ubuntu1+esm4
   libncurses5                     6.0+20160213-1ubuntu1+esm4
   libncursesw5                    6.0+20160213-1ubuntu1+esm4
   libtinfo5                       6.0+20160213-1ubuntu1+esm4
   libx32ncurses5                  6.0+20160213-1ubuntu1+esm4
   libx32ncursesw5                 6.0+20160213-1ubuntu1+esm4
   libx32tinfo5                    6.0+20160213-1ubuntu1+esm4
   ncurses-bin                     6.0+20160213-1ubuntu1+esm4

Ubuntu 14.04 LTS (Available with Ubuntu Pro):
   lib32ncurses5                   5.9+20140118-1ubuntu1+esm4
   lib32ncursesw5                  5.9+20140118-1ubuntu1+esm4
   lib32tinfo5                     5.9+20140118-1ubuntu1+esm4
   lib64ncurses5                   5.9+20140118-1ubuntu1+esm4
   lib64tinfo5                     5.9+20140118-1ubuntu1+esm4
   libncurses5                     5.9+20140118-1ubuntu1+esm4
   libncursesw5                    5.9+20140118-1ubuntu1+esm4
   libtinfo5                       5.9+20140118-1ubuntu1+esm4
   libx32ncurses5                  5.9+20140118-1ubuntu1+esm4
   libx32ncursesw5                 5.9+20140118-1ubuntu1+esm4
   libx32tinfo5                    5.9+20140118-1ubuntu1+esm4
   ncurses-bin                     5.9+20140118-1ubuntu1+esm4

In general, a standard system update will make all the necessary changes.

References

  https://ubuntu.com/security/notices/USN-6451-1

  CVE-2020-19189

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-6451-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here