Severity: Unknown
Affected Package: ncurses
Summary: stack-based buffer overflow in postprocess_termcap via a crafted termcap ko capability
The ko capability processing loop in postprocess_termcap() copied termcap string values into a fixed buf2[MAX_TERMINFO_LENGTH] stack buffer without bounds checking, allowing a stack-based buffer overflow via a crafted termcap entry. Fixed by backporting the buffer-limit check from ncurses 6.5-20250329.
No specific recommendations provided.
Aliases: CVE-2025-6141
Published: June 11, 2026
Last Modified: June 11, 2026