UBUNTU-CVE-2017-10684

Source
https://ubuntu.com/security/CVE-2017-10684
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2017/UBUNTU-CVE-2017-10684.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2017-10684
Related
Published
2017-06-29T23:29:00Z
Modified
2017-06-29T23:29:00Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.

References

Affected packages

Ubuntu:Pro:14.04:LTS / ncurses

Package

Name
ncurses
Purl
pkg:deb/ubuntu/ncurses?arch=src?distro=trusty/esm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9+20140118-1ubuntu1+esm1

Affected versions

5.*

5.9+20130608-1ubuntu1
5.9+20131221-1ubuntu1
5.9+20140118-1ubuntu1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "ubuntu_priority": "negligible",
    "binaries": [
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "lib32ncurses5"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "lib32ncurses5-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "lib32ncurses5-dev"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "lib32ncurses5-dev-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "lib32ncursesw5"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "lib32ncursesw5-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "lib32ncursesw5-dev"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "lib32ncursesw5-dev-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "lib32tinfo-dev"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "lib32tinfo-dev-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "lib32tinfo5"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "lib32tinfo5-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "lib64ncurses5"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "lib64ncurses5-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "lib64ncurses5-dev"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "lib64ncurses5-dev-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "lib64tinfo5"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "lib64tinfo5-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libncurses5"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libncurses5-dbg"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libncurses5-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libncurses5-dev"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libncurses5-dev-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libncursesw5"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libncursesw5-dbg"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libncursesw5-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libncursesw5-dev"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libncursesw5-dev-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libtinfo-dev"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libtinfo-dev-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libtinfo5"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libtinfo5-dbg"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libtinfo5-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libx32ncurses5"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libx32ncurses5-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libx32ncurses5-dev"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libx32ncurses5-dev-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libx32ncursesw5"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libx32ncursesw5-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libx32ncursesw5-dev"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libx32ncursesw5-dev-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libx32tinfo-dev"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libx32tinfo-dev-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libx32tinfo5"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "libx32tinfo5-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "ncurses-base"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "ncurses-bin"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "ncurses-bin-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "ncurses-doc"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "ncurses-examples"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "ncurses-examples-dbgsym"
        },
        {
            "binary_version": "5.9+20140118-1ubuntu1+esm1",
            "binary_name": "ncurses-term"
        }
    ]
}

Ubuntu:Pro:16.04:LTS / ncurses

Package

Name
ncurses
Purl
pkg:deb/ubuntu/ncurses?arch=src?distro=esm-infra/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.0+20160213-1ubuntu1+esm1

Affected versions

5.*

5.9+20150516-2ubuntu1

6.*

6.0+20151024-2ubuntu1
6.0+20151024-2ubuntu2
6.0+20160213-1ubuntu1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "ubuntu_priority": "negligible",
    "binaries": [
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "lib32ncurses5"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "lib32ncurses5-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "lib32ncurses5-dev"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "lib32ncurses5-dev-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "lib32ncursesw5"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "lib32ncursesw5-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "lib32ncursesw5-dev"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "lib32ncursesw5-dev-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "lib32tinfo-dev"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "lib32tinfo-dev-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "lib32tinfo5"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "lib32tinfo5-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "lib64ncurses5"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "lib64ncurses5-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "lib64ncurses5-dev"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "lib64ncurses5-dev-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "lib64tinfo5"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "lib64tinfo5-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libncurses5"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libncurses5-dbg"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libncurses5-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libncurses5-dev"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libncurses5-dev-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libncursesw5"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libncursesw5-dbg"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libncursesw5-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libncursesw5-dev"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libncursesw5-dev-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libtinfo-dev"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libtinfo-dev-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libtinfo5"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libtinfo5-dbg"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libtinfo5-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libx32ncurses5"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libx32ncurses5-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libx32ncurses5-dev"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libx32ncurses5-dev-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libx32ncursesw5"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libx32ncursesw5-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libx32ncursesw5-dev"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libx32ncursesw5-dev-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libx32tinfo-dev"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libx32tinfo-dev-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libx32tinfo5"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "libx32tinfo5-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "ncurses-base"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "ncurses-bin"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "ncurses-bin-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "ncurses-doc"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "ncurses-examples"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "ncurses-examples-dbgsym"
        },
        {
            "binary_version": "6.0+20160213-1ubuntu1+esm1",
            "binary_name": "ncurses-term"
        }
    ]
}

Ubuntu:18.04:LTS / ncurses

Package

Name
ncurses
Purl
pkg:deb/ubuntu/ncurses?arch=src?distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.1-1ubuntu1

Affected versions

6.*

6.0+20160625-1ubuntu1
6.0+20171125-1ubuntu1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "negligible",
    "binaries": [
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "lib32ncurses5"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "lib32ncurses5-dbgsym"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "lib32ncurses5-dev"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "lib32ncursesw5"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "lib32ncursesw5-dbgsym"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "lib32ncursesw5-dev"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "lib32tinfo-dev"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "lib32tinfo5"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "lib32tinfo5-dbgsym"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "lib64ncurses5"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "lib64ncurses5-dbgsym"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "lib64ncurses5-dev"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "lib64tinfo5"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "lib64tinfo5-dbgsym"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "libncurses5"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "libncurses5-dbg"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "libncurses5-dev"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "libncursesw5"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "libncursesw5-dbg"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "libncursesw5-dev"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "libtinfo-dev"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "libtinfo5"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "libtinfo5-dbg"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "libtinfo5-udeb"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "libx32ncurses5"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "libx32ncurses5-dbgsym"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "libx32ncurses5-dev"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "libx32ncursesw5"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "libx32ncursesw5-dbgsym"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "libx32ncursesw5-dev"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "libx32tinfo-dev"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "libx32tinfo5"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "libx32tinfo5-dbgsym"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "ncurses-base"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "ncurses-bin"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "ncurses-bin-dbgsym"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "ncurses-doc"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "ncurses-examples"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "ncurses-examples-dbgsym"
        },
        {
            "binary_version": "6.1-1ubuntu1",
            "binary_name": "ncurses-term"
        }
    ]
}