[RndTbl] [SECURITY] Fedora 38 Update: ncurses-6.4-7.20230520.fc38
Trevor Cordes
trevor at tecnopolis.ca
Tue Jan 30 21:42:30 CST 2024
On 2024-01-31 Adam Thompson wrote:
> Anyone who uses the idiom "sudo vim file" (possibly even "sudoedit
> file"?) could easily be hit. Well, once someone manages to populate
> their ~/.terminfo or $TERM or $TERMINFO with malicious information,
> which I'd say is actually the harder part. Although given the number
> of people who will happily do "curl -O - http://.... | bash" maybe
> not so hard after all. -Adam
Ah yes, completely forgot the editor angle. Doh. That's a scary
thought. I guess you really should limit what you run as root...
having a hole like this in ncurses is almost as bad as having it in
stdlib!
The terminfo requirements of the hack would mean the most likely vector
would have to be someone who already has local system access? Other
than your curl example, it might be hard to use this remotely.
Still, they gave it 7.8... which isn't often. Maybe there are more
angles we haven't spotted yet.
More information about the Roundtable
mailing list