Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Ubuntu 18.04 LTS: USN-6451-1 Critical: ncurses DoS Threat

ubuntu
Calendar Grey October 24, 2023
Dist Ubuntu Esm H88
Make sure you upgrade your Ubuntu installations to resolve the ncurses vulnerability, which has the potential to cause system instability and interruptions in service.
ncurses could be made to crash if it opened a specially crafted file.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS (Available with Ubuntu Pro) - Ubuntu 16.04 LTS (Available with Ubuntu Pro) - Ubuntu 14.04 LTS (Available with Ubuntu Pro) Summary: ncurses could be made to crash if it opened a specially crafted file. Software Description: - ncurses: shared libraries for terminal handling Details: It was discovered that ncurses could be made to read out of bounds. An attacker could possibly use this issue to cause a denial of service.

Topics%20covered

Topics Covered

security advisory denial of service critical issue ncurses ubuntu

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS (Available with Ubuntu Pro):   lib32ncurses5                   6.1-1ubuntu1.18.04.1+esm1   lib32ncursesw5                  6.1-1ubuntu1.18.04.1+esm1   lib32tinfo5                     6.1-1ubuntu1.18.04.1+esm1   lib64ncurses5                   6.1-1ubuntu1.18.04.1+esm1   lib64tinfo5                     6.1-1ubuntu1.18.04.1+esm1   libncurses5                     6.1-1ubuntu1.18.04.1+esm1   libncursesw5                    6.1-1ubuntu1.18.04.1+esm1   libtinfo5                       6.1-1ubuntu1.18.04.1+esm1   libx32ncurses5                  6.1-1ubuntu1.18.04.1+esm1   libx32ncursesw5                 6.1-1ubuntu1.18.04.1+esm1   libx32tinfo5                    6.1-1ubuntu1.18.04.1+esm1   ncurses-bin                     6.1-1ubuntu1.18.04.1+esm1 Ubuntu 16.04 LTS (Available with Ubuntu Pro):   lib32ncurses5                   6.0+20160213-1ubuntu1+esm4   lib32ncursesw5                  6.0+20160213-1ubuntu1+esm4   lib32tinfo5                     6.0+20160213-1ubuntu1+esm4   lib64ncurses5                   6.0+20160213-1ubuntu1+esm4   lib64tinfo5                     6.0+20160213-1ubuntu1+esm4   libncurses5                     6.0+20160213-1ubuntu1+esm4   libncursesw5                    6.0+20160213-1ubuntu1+esm4   libtinfo5                       6.0+20160213-1ubuntu1+esm4   libx32ncurses5                  6.0+20160213-1ubuntu1+esm4   libx32ncursesw5                 6.0+20160213-1ubuntu1+esm4   libx32tinfo5                    6.0+20160213-1ubuntu1+esm4   ncurses-bin                     6.0+20160213-1ubuntu1+esm4 Ubuntu 14.04 LTS (Available with Ubuntu Pro):   lib32ncurses5                   5.9+20140118-1ubuntu1+esm4   lib32ncursesw5                  5.9+20140118-1ubuntu1+esm4   lib32tinfo5                     5.9+20140118-1ubuntu1+esm4   lib64ncurses5                   5.9+20140118-1ubuntu1+esm4   lib64tinfo5                     5.9+20140118-1ubuntu1+esm4   libncurses5                     5.9+20140118-1ubuntu1+esm4   libncursesw5                    5.9+20140118-1ubuntu1+esm4   libtinfo5                       5.9+20140118-1ubuntu1+esm4   libx32ncurses5                  5.9+20140118-1ubuntu1+esm4   libx32ncursesw5                 5.9+20140118-1ubuntu1+esm4   libx32tinfo5                    5.9+20140118-1ubuntu1+esm4   ncurses-bin                     5.9+20140118-1ubuntu1+esm4 In general, a standard system update will make all the necessary changes.

References

  https://ubuntu.com/security/notices/USN-6451-1

  CVE-2020-19189

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-6451-1

Topics%20covered

Topics Covered

security advisory denial of service critical issue ncurses ubuntu

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here