VULHUB ™

It has been reported that GNU Chess is prone to a buffer overflow issue that may allow an attacker to gain elevated privileges. The problem is present due to improper handling of user-supplied data from command line parameters. A local attacker may leverage the issue by exploiting an unbounded memory copy operation to overwrite the saved return address/base pointer, causing the affected procedures to return to an address of their choice.

It has been reported that GNU Chess is prone to a buffer overflow issue that may allow an attacker to gain elevated privileges. The problem is present due to improper handling of user-supplied data from command line parameters. A local attacker may leverage the issue by exploiting an unbounded memory copy operation to overwrite the saved return address/base pointer, causing the affected procedures to return to an address of their choice.