FS#54468 - [nethack] Potential security risk (buffer overflow).
Attached to Project:
Community Packages
Opened by Dalton Nell (naelstrof) - Thursday, 15 June 2017, 18:45 GMT
Last edited by Ivy Foster (escondida) - Thursday, 10 October 2019, 23:05 GMT
Opened by Dalton Nell (naelstrof) - Thursday, 15 June 2017, 18:45 GMT
Last edited by Ivy Foster (escondida) - Thursday, 10 October 2019, 23:05 GMT
|
Details
Description: nethack 3.6.0-1 has a buffer overflow
vulnerability that is really easy to trigger (even by
accident), by simply having a ~/.nethackrc that's too large,
or by passing too long of a string as a parameter to
nethack.
Additional info: Here's a couple sources demonstrating the vulnerability: https://www.exploit-db.com/exploits/22233/ (related links are at the bottom) The buffer overflow was "fixed" in 3.6.1, and this (recent) commit apparently fixes it for real. https://github.com/NetHack/NetHack/commit/119b86bf09b36a35cbe120b5ac5a4c3206d8f6c8 Steps to reproduce: ```sh sudo pacman -S nethack wget https://raw.githubusercontent.com/Tolchi/dotfile/master/nethackrc -O ~/.nethackrc nethack ``` Sorry if I should've just flagged it out of date, but I'm unsure if it's completely fixed by just updating to 3.6.1. |
This task depends upon
Closed by Ivy Foster (escondida)
Thursday, 10 October 2019, 23:05 GMT
Reason for closing: Fixed
Additional comments about closing: nethack's now at 3.6.2 and the fix should be well-integrated.
Thursday, 10 October 2019, 23:05 GMT
Reason for closing: Fixed
Additional comments about closing: nethack's now at 3.6.2 and the fix should be well-integrated.