
SUSE-SU-2022:0732-1

Published: 04 Mar 2022
Source: suse-cvrf

Description

Security update for zsh

This update for zsh fixes the following issues:

  • CVE-2021-45444: Fixed a vulnerability where arbitrary shell commands could be executed related to prompt expansion (bsc#1196435).
  • CVE-2019-20044: Fixed a vulnerability where shell privileges would not be properly dropped when unsetting the PRIVILEGED option (bsc#1163882).

Package list

Image SLES15-Azure-BYOS: zsh-5.6-3.11.1
Image SLES15-SAP-Azure-BYOS: zsh-5.6-3.11.1
Image SLES15-SAP-Azure-LI-BYOS-Production: zsh-5.6-3.11.1
Image SLES15-SAP-Azure-VLI-BYOS-Production: zsh-5.6-3.11.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS: zsh-5.6-3.11.1
SUSE Linux Enterprise High Performance Computing 15-LTSS: zsh-5.6-3.11.1
SUSE Linux Enterprise Server 15-LTSS: zsh-5.6-3.11.1
SUSE Linux Enterprise Server for SAP Applications 15: zsh-5.6-3.11.1

Description (CVE-2019-20044)

In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite the saved uid, so the original privileges can be restored by executing MODULE_PATH=/dir/with/module zmodload with a module that calls setuid().


Affected products
Image SLES15-Azure-BYOS:zsh-5.6-3.11.1
Image SLES15-SAP-Azure-BYOS:zsh-5.6-3.11.1
Image SLES15-SAP-Azure-LI-BYOS-Production:zsh-5.6-3.11.1
Image SLES15-SAP-Azure-VLI-BYOS-Production:zsh-5.6-3.11.1


Description (CVE-2021-45444)

In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPT_SUBST expansion.


Affected products
Image SLES15-Azure-BYOS:zsh-5.6-3.11.1
Image SLES15-SAP-Azure-BYOS:zsh-5.6-3.11.1
Image SLES15-SAP-Azure-LI-BYOS-Production:zsh-5.6-3.11.1
Image SLES15-SAP-Azure-VLI-BYOS-Production:zsh-5.6-3.11.1
