nethack: Privilege escalation/remote code execution/crash in configuration parsing (CVE-2019-19905)| ID: oval:org.secpod.oval:def:1802002 | Date: (C)2022-03-25 (M)2022-10-10 |
| Class: PATCH | Family: unix |
NetHack 3.6.x before 3.6.4 is prone to a buffer overflow vulnerability when reading very long lines from configuration files. This affects systems that have NetHack installed suid/sgid, and shared systems that allow users to upload their own configuration files.
| Platform: |
| Alpine Linux 3.12 |
| Alpine Linux 3.13 |
| Alpine Linux 3.14 |
| Alpine Linux 3.15 |
