Nethack · Nethack · CVE-2023-24809
**Name of the Vulnerable Software and Affected Versions**
NetHack versions 3.6.2 through 3.6.6
**Description**
The issue arises from illegal input to the "C" (call) command, which can cause a buffer overflow and crash the NetHack process. This may pose a security risk for systems with NetHack installed suid/sgid and for shared systems, potentially leading to a process crash.
**Recommendations**
For versions 3.6.2 through 3.6.6, update to NetHack 3.6.7 to resolve the issue.