CVE-2025-6141

CVSS v4.0

4.8

Medium

Vector

AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X

Name of the Vulnerable Software and Affected Versions GNU ncurses versions up to 6.5-20250322

Description A stack-based buffer overflow issue has been identified, affecting the postprocess termcap function in the tinfo/parse entry.c file. This issue can be exploited locally.

Recommendations For GNU ncurses versions up to 6.5-20250322, upgrade to version 6.5-20250329 to address this issue. As a temporary workaround, consider restricting access to the postprocess termcap function until the upgrade is applied.

Fix

Stack Overflow

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121CWE-119

Related Identifiers

AZL-64139

CVE-2025-6141

ECHO-D3C9-C3E9-90E8

JLSEC-2026-454

OESA-2025-1851

Affected Products

Debian

Ncurses

CVE-2025-6141

Weakness Enumeration

Related Identifiers

Affected Products

References · 27