CNNVD-202506-1939 Information

CNNVD ID

CNNVD-202506-1939

Related CVE

CVE-2025-6141

• CNNVD Published: 2025-06-16

Description (Chinese)

GNU ncurses是美国GNU社区的一个用于在基于文本的终端上创建用户界面的编程库。 GNU ncurses 6.5-20250322及之前版本存在安全漏洞，该漏洞源于函数postprocess_termcap存在栈缓冲区溢出。

Description (English)

GNU ncurses is a programming library for creating user interfaces on text-based terminals in the GNU community in the United States. There is a security loophole in GNU ncurses 6.5-20250322 and earlier versions, which stems from the presence of a silo buffer zone in the function postprocess termcap.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

GNU

Published

2025-06-16

Last Modified

2026-02-24

References

https://invisible-island.net/ncurses/NEWS.html#index-t20250329 https://lists.gnu.org/archive/html/bug-ncurses/2025-03/msg00107.html https://lists.gnu.org/archive/html/bug-ncurses/2025-03/msg00109.html https://lists.gnu.org/archive/html/bug-ncurses/2025-03/msg00114.html https://vuldb.com/?ctiid.312610 https://vuldb.com/?id.312610 https://vuldb.com/?submit.593000 https://www.gnu.org/