Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2022:0733-1

Опубликовано: 04 мар. 2022
Источник: suse-cvrf

Описание

Security update for zsh

This update for zsh fixes the following issues:

  • CVE-2021-45444: Fixed a vulnerability where arbitrary shell commands could be executed related to prompt expansion (bsc#1196435).
  • CVE-2019-20044: Fixed a vulnerability where shell privileges would not be properly dropped when unsetting the PRIVILEGED option (bsc#1163882).
  • CVE-2018-1100: Fixed a potential code execution via a stack-based buffer overflow in utils.c:checkmailpath() (bsc#1089030).

Список пакетов

HPE Helion OpenStack 8
zsh-5.0.5-6.19.1
Image SLES12-SP4-Azure-BYOS
zsh-5.0.5-6.19.1
Image SLES12-SP4-SAP-Azure-BYOS
zsh-5.0.5-6.19.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production
zsh-5.0.5-6.19.1
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production
zsh-5.0.5-6.19.1
Image SLES12-SP5-Azure-BYOS
zsh-5.0.5-6.19.1
Image SLES12-SP5-Azure-Basic-On-Demand
zsh-5.0.5-6.19.1
Image SLES12-SP5-Azure-HPC-BYOS
zsh-5.0.5-6.19.1
Image SLES12-SP5-Azure-HPC-On-Demand
zsh-5.0.5-6.19.1
Image SLES12-SP5-Azure-SAP-BYOS
zsh-5.0.5-6.19.1
Image SLES12-SP5-Azure-SAP-On-Demand
zsh-5.0.5-6.19.1
Image SLES12-SP5-Azure-Standard-On-Demand
zsh-5.0.5-6.19.1
Image SLES12-SP5-EC2-BYOS
zsh-5.0.5-6.19.1
Image SLES12-SP5-EC2-On-Demand
zsh-5.0.5-6.19.1
Image SLES12-SP5-EC2-SAP-BYOS
zsh-5.0.5-6.19.1
Image SLES12-SP5-EC2-SAP-On-Demand
zsh-5.0.5-6.19.1
Image SLES12-SP5-GCE-BYOS
zsh-5.0.5-6.19.1
Image SLES12-SP5-GCE-On-Demand
zsh-5.0.5-6.19.1
Image SLES12-SP5-GCE-SAP-BYOS
zsh-5.0.5-6.19.1
Image SLES12-SP5-GCE-SAP-On-Demand
zsh-5.0.5-6.19.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
zsh-5.0.5-6.19.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
zsh-5.0.5-6.19.1
SUSE Linux Enterprise Server 12 SP2-BCL
zsh-5.0.5-6.19.1
SUSE Linux Enterprise Server 12 SP3-BCL
zsh-5.0.5-6.19.1
SUSE Linux Enterprise Server 12 SP3-LTSS
zsh-5.0.5-6.19.1
SUSE Linux Enterprise Server 12 SP4-LTSS
zsh-5.0.5-6.19.1
SUSE Linux Enterprise Server 12 SP5
zsh-5.0.5-6.19.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
zsh-5.0.5-6.19.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
zsh-5.0.5-6.19.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
zsh-5.0.5-6.19.1
SUSE OpenStack Cloud 8
zsh-5.0.5-6.19.1
SUSE OpenStack Cloud 9
zsh-5.0.5-6.19.1
SUSE OpenStack Cloud Crowbar 8
zsh-5.0.5-6.19.1
SUSE OpenStack Cloud Crowbar 9
zsh-5.0.5-6.19.1

Ссылки

Описание

zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user.

Затронутые продукты
HPE Helion OpenStack 8:zsh-5.0.5-6.19.1
Image SLES12-SP4-Azure-BYOS:zsh-5.0.5-6.19.1
Image SLES12-SP4-SAP-Azure-BYOS:zsh-5.0.5-6.19.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production:zsh-5.0.5-6.19.1
Ссылки

Описание

In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite the saved uid, so the original privileges can be restored by executing MODULE_PATH=/dir/with/module zmodload with a module that calls setuid().

Затронутые продукты
HPE Helion OpenStack 8:zsh-5.0.5-6.19.1
Image SLES12-SP4-Azure-BYOS:zsh-5.0.5-6.19.1
Image SLES12-SP4-SAP-Azure-BYOS:zsh-5.0.5-6.19.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production:zsh-5.0.5-6.19.1
Ссылки

Описание

In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPT_SUBST expansion.

Затронутые продукты
HPE Helion OpenStack 8:zsh-5.0.5-6.19.1
Image SLES12-SP4-Azure-BYOS:zsh-5.0.5-6.19.1
Image SLES12-SP4-SAP-Azure-BYOS:zsh-5.0.5-6.19.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production:zsh-5.0.5-6.19.1
Ссылки
Уязвимость SUSE-SU-2022:0733-1