CVE-2020-5213 : Security Advisory and Response
Learn about CVE-2020-5213 affecting NetHack before 3.6.5. Discover the impact, affected systems, and mitigation steps to prevent buffer overflow vulnerabilities.
NetHack SYMBOL configuration file option is subject to a buffer overflow.
Understanding CVE-2020-5213
In NetHack before 3.6.5, a buffer overflow vulnerability exists in the SYMBOL configuration file option, potentially leading to a crash or remote code execution/privilege escalation.
What is CVE-2020-5213?
The vulnerability in NetHack before version 3.6.5 arises from excessively long values in the SYMBOL configuration file option, allowing attackers to trigger a buffer overflow.
The Impact of CVE-2020-5213
The vulnerability can result in a crash or enable attackers to execute remote code or escalate privileges. Systems with NetHack installed suid/sgid and shared systems allowing user configuration uploads are at risk.
Technical Details of CVE-2020-5213
Vulnerability Description
- Buffer overflow vulnerability in NetHack SYMBOL configuration file option
Affected Systems and Versions
- Product: NetHack
- Vendor: NetHack
- Versions Affected: < 3.6.5
Exploitation Mechanism
- Attack Complexity: High
- Attack Vector: Local
- Privileges Required: Low
- User Interaction: Required
- Scope: Changed
Mitigation and Prevention
Immediate Steps to Take
- Upgrade to NetHack version 3.6.5
Long-Term Security Practices
- Avoid running NetHack with elevated privileges
- Restrict user access to configuration files
Patching and Updates
- Apply patches and updates promptly to address the vulnerability