Описание
In exec.c in zsh before 5.0.7, there is a buffer overflow for very long fds in the ">& fd" syntax.
A buffer overflow flaw was found in the zsh shell file descriptor redirection functionality. An attacker could use this flaw to cause a denial of service by crashing the user shell.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | zsh | Will not fix | ||
| Red Hat Enterprise Linux 6 | zsh | Will not fix | ||
| Red Hat Enterprise Linux 8 | zsh | Not affected | ||
| Red Hat Enterprise Linux 7 | zsh | Fixed | RHSA-2018:3073 | 30.10.2018 |
Показывать по
Дополнительная информация
Статус:
2.8 Low
CVSS3
Связанные уязвимости
In exec.c in zsh before 5.0.7, there is a buffer overflow for very long fds in the ">& fd" syntax.
In exec.c in zsh before 5.0.7, there is a buffer overflow for very long fds in the ">& fd" syntax.
In exec.c in zsh before 5.0.7, there is a buffer overflow for very lon ...
In exec.c in zsh before 5.0.7, there is a buffer overflow for very long fds in the ">& fd" syntax.
ELSA-2018-3073: zsh security and bug fix update (MODERATE)
2.8 Low
CVSS3