Multiple memory corruption vulnerabilities have been discovered in the widely used programming library “ncurses.” These vulnerabilities, collectively tracked as CVE-2023-29491 [3] [4] [5], allow threat actors to gain escalated privileges and run malicious code by exploiting the parsing of “terminfo” files, which contain information about terminal capabilities [6].

Description

Threat actors with local privileges can trigger memory corruption by using malformed data in the terminfo database file or environment variables [2]. The CVE covers several internal issues [2], including heap out-of-bounds [2] [3], parameterized string type confusion [2] [3] [6], stack information leak [2] [3] [6], and denial of service [2] [3] [6]. Microsoft researchers discovered these flaws and disclosed them to the ncurses maintainer and Apple. Apple has released an update specifically addressing the ncurses vulnerabilities for macOS Monterey. As of April 2023 [1] [3] [4], the vulnerabilities have been addressed: the library maintainer has issued a patch to fix them. Red Hat has assessed these vulnerabilities as a medium severity threat [5], particularly for setuid applications [5].

Conclusion

To mitigate these risks, developers should keep their libraries up to date [5]. The vulnerabilities in ncurses have been addressed [6], and Apple has released an update for macOS Monterey [5]. Users still need to install the patch and keep their systems updated to protect against potential exploits. Developers should also regularly check for security updates and apply them promptly to limit exposure to future vulnerabilities.
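Because the risk is highest for setuid applications, one way to prioritise patching on a Linux host is to list the setuid/setgid ELF binaries that reference ncurses or its tinfo library. The script below is an added example, not code from the cited reports or from the ncurses project; the default scan directories and the soname pattern are assumptions, and it covers ELF files only (not macOS binaries).

```python
import os
import re
import stat
import sys

# Shared-object names that carry the terminfo parser (ncurses and its tinfo split).
# The pattern is an assumption based on common Linux sonames.
CURSES_SONAME = re.compile(rb"lib(?:ncurses|tinfo)w?\.so(?:\.\d+)*")

def is_privileged(mode):
    """True for a regular file with the setuid or setgid bit set."""
    return stat.S_ISREG(mode) and bool(mode & (stat.S_ISUID | stat.S_ISGID))

def curses_sonames(data):
    """Return the distinct ncurses/tinfo sonames named in an ELF image.

    Heuristic: DT_NEEDED names are stored as plain strings in .dynstr, so a
    byte scan finds them without executing the file (unlike ldd).
    """
    if not data.startswith(b"\x7fELF"):
        return []
    return sorted({m.group(0).decode() for m in CURSES_SONAME.finditer(data)})

def audit(roots):
    """Yield (path, sonames) for setuid/setgid ELF files that reference ncurses."""
    for root in roots:
        for dirpath, _dirs, files in os.walk(root):
            for name in files:
                path = os.path.join(dirpath, name)
                try:
                    st = os.lstat(path)  # lstat: symlinks are not followed
                    if not is_privileged(st.st_mode):
                        continue
                    with open(path, "rb") as fh:
                        found = curses_sonames(fh.read())
                except OSError:
                    continue  # unreadable or vanished file: skip it
                if found:
                    yield path, found

if __name__ == "__main__":
    # Default roots are an assumption; pass the directories to scan as arguments.
    roots = sys.argv[1:] or ["/usr/bin", "/usr/sbin", "/bin", "/sbin"]
    for path, libs in audit(roots):
        print(f"{path}: {', '.join(libs)}")
```

Statically linked binaries carry no soname reference and are not reported, and setuid files that the scanning user cannot read are skipped, so run it with sufficient privileges.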

References

[1] https://vulners.com/thn/THN:EC494BFC161D22FB1B589DC7835D76BE
[2] https://gbhackers.com/memory-corruption-flaw-api-library/
[3] https://www.redpacketsecurity.com/microsoft-uncovers-flaws-in-ncurses-library-affecting-linux-and-macos-systems/
[4] https://thehackernews.com/2023/09/microsoft-uncovers-flaws-in-ncurses.html
[5] https://www.darkreading.com/application-security/microsoft-flushes-out-ncurses-gremlins
[6] https://www.cyberkendra.com/2023/09/microsoft-uncovered-critical-flaws-in.html