Are you sure this is the page you want?

This is not the current version.

Go to the NetHack Home Page.

Core Bugs (common to all systems)
Windows-only bugs
Build-from-source issues (all platforms)
Spoiler bugs
(These are bugs that merely reading about may spoil your enjoyment of the game or give away answers to puzzles that should be solved. They are on a different page to keep you from seeing them by accident in the main lists.)

(This information is also available in JSON here; the schema is described here.)

Bugs lists for previous versions

Core Bugs (common to all systems)

ID Status Description Additional Info
C343-21 Open Pets can be pulled through closed doors with a leash.
C343-38 Open Dismounting or kicking a monster that jumps may result in landing on the wrong side of a wall.
C343-370 Open Travel (_) command can get stuck trying to plot a path past an interesting dungeon feature, for example, a trap or fountain.
C361-5 Help When getting disconnected from a game running via telnet or ssh, the game may go into an infinite loop instead of aborting.
C364-1 fixed Game may crash if a monster looks at certain tins.
C364-2 fixed Hero can have a chain but no iron ball in rare cases.
C364-3 fixed Extremely long value for the MENUCOLOR configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. CVE-2020-5212
C364-4 fixed Too long value for the SYMBOL configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. CVE-2020-5213
C364-5 fixed Invalid extended command in value for the AUTOCOMPLETE configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. CVE-2020-5211
C364-6 fixed Detecting an unknown configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. CVE-2020-5214
C364-7 fixed Invalid argument to the -w command line option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. CVE-2020-5210
C364-8 fixed Unknown options starting with -de and -i can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. CVE-2020-5209
(related spoiler bugs)

Windows-only bugs

ID Status Description Additional Info
W364-1 fixed Using tiles_fit_to_screen (old fit_to_screen) may cause NetHackW to crash on launch. This bug is fixed in the 3.6.4 binaries re-released 21-Dec-2019.
W364-2 fixed Game fails to start if username contains characters not usable in filenames.

Build-from-source issues (all platforms)

ID Status Description Additional Info
S364-1 Open tabexpand() can go into an infinite loop when compiled with clang 8.0.0 (MacOS clang version 11) and -Os. This is not an issue for the source as distributed.
S364-2 fixed MSBUILD fails if there are spaces in directory names.

Bug Status Key

StateMeaning
OpenThe bug is unresolved, but we know what we need to about it.
Not a bugSometimes people think this is a bug, but they're wrong.
fixedThe bug will be fixed in the next release..
FixedThe bug will be fixed in a future release.
HelpWe don't know what is causing this - if you see it, please send a detailed bug report. Thanks!
SupersededSee another entry for information on this bug.

About
Known Bug List
Version 3.6.4
License
Known Bug Search
Archive
Policies
Site Map
Old News
Security Issues
Developer Resources
Old Versions
Contact Us

Hosted by:     Get NetHack at SourceForge.net. Fast, secure and Free Open Source software downloads

NetHack is Copyright 1985-2023 by Stichting Mathematisch Centrum and M. Stephenson. See our license for details.
This site is Copyright 1999-2023 by Kenneth Lorber, Kensington, Maryland.