Описание
In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite the saved uid, so the original privileges can be restored by executing MODULE_PATH=/dir/with/module zmodload with a module that calls setuid().
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 5.4.2-3ubuntu3.2 |
| devel | not-affected | 5.8-3ubuntu1 |
| eoan | ignored | end of life |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | released | 5.4.2-3ubuntu3.2 |
| esm-infra/focal | not-affected | 5.8-3ubuntu1 |
| esm-infra/xenial | released | 5.1.1-1ubuntu2.3+esm1 |
| focal | not-affected | 5.8-3ubuntu1 |
| groovy | not-affected | 5.8-3ubuntu1 |
| hirsute | not-affected | 5.8-3ubuntu1 |
Показывать по
EPSS
7.2 High
CVSS2
7.8 High
CVSS3
Связанные уязвимости
In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite the saved uid, so the original privileges can be restored by executing MODULE_PATH=/dir/with/module zmodload with a module that calls setuid().
In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite the saved uid, so the original privileges can be restored by executing MODULE_PATH=/dir/with/module zmodload with a module that calls setuid().
In Zsh before 5.8, attackers able to execute commands can regain privi ...
In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite the saved uid, so the original privileges can be restored by executing MODULE_PATH=/dir/with/module zmodload with a module that calls setuid().
EPSS
7.2 High
CVSS2
7.8 High
CVSS3