Microsoft Uncovers Flaws in ncurses Library Affecting Linux and macOS Systems

1 week ago 14

Sep 14, 2023THNEndpoint Security / Vulnerability

Linux and macOS Systems

A acceptable of representation corruption flaws person been discovered successful the ncurses (short for new curses) programming room that could beryllium exploited by menace actors to tally malicious codification connected susceptible Linux and macOS systems.

"Using situation adaptable poisoning, attackers could concatenation these vulnerabilities to elevate privileges and tally codification successful the targeted program's discourse oregon execute different malicious actions," Microsoft Threat Intelligence researchers Jonathan Bar Or, Emanuele Cozzi, and Michael Pearse said successful a method study published today.


The vulnerabilities, collectively tracked arsenic CVE-2023-29491 (CVSS people of 7.8), person been addressed arsenic of April 2023. Microsoft said it besides worked with Apple connected addressing the macOS-specific issues related to these flaws.

Environment variables are user-defined values that tin beryllium utilized by aggregate programs connected a strategy and tin impact the mode successful which they behave connected the system. Manipulating the variables tin origin applications to execute different unauthorized operations.

Microsoft's codification auditing and fuzzing recovered that the ncurses room searches for respective situation variables, including TERMINFO, which could beryllium poisoned and combined with the identified flaws to execute privilege escalation. Terminfo is simply a database that enables programs to usage show terminals successful a device-independent manner.


Identity is the New Endpoint: Mastering SaaS Security successful the Modern Age

Dive heavy into the aboriginal of SaaS information with Maor Bin, CEO of Adaptive Shield. Discover wherefore individuality is the caller endpoint. Secure your spot now.

Supercharge Your Skills

The flaws encompass a stack accusation leak, a parameterized drawstring benignant confusion, an off-by-one error, a heap out-of-bounds during terminfo database record parsing, and a denial-of-service with canceled strings.

"The discovered vulnerabilities could person been exploited by attackers to elevate privileges and tally codification wrong a targeted program's context," the researchers said. "Nonetheless, gaining power of a programme done exploiting representation corruption vulnerabilities requires a multi-stage attack."

"The vulnerabilities whitethorn person needed to beryllium chained unneurotic for an attacker to elevate privileges, specified arsenic exploiting the stack accusation leak to summation arbitrary work primitives on with exploiting the heap overflow to get a constitute primitive."

Found this nonfiction interesting? Follow america connected Twitter and LinkedIn to work much exclusive contented we post.

Read Entire Article