GNU Bash redir_stack Out-of-Bounds Memory Access Vulnerability (CVE-2014-7186)
Release date:
Updated on:
Affected Systems:
GNU Bash <= 4.3 bash43-025
Description:
Bugtraq id: 70152
CVE (CAN) ID: CVE-2014-7186
Bash, a Unix shell, was written by Brian Fox for the GNU Project in 1987. It runs on most Unix-like operating systems and is the default shell on Linux and Mac OS X v10.4.
Bash 4.3 bash43-025 and earlier versions can overflow the fixed-size redir_stack when evaluating specially crafted input, which can cause memory corruption and arbitrary code execution.
<* Source: Todd Sabin (tsabin@razor.bindview.com)
Link: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-7186
*>
Suggestion:
Vendor patch:
GNU
---
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
http://www.gnu.org/software/bash
Refer:
https://bugzilla.redhat.com/attachment.cgi?bugid=1146791&action=enter
The solution is to upgrade Bash. Please refer to this article.
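To decide which hosts need the upgrade, the affected range stated above (GNU Bash <= 4.3 bash43-025) can be checked against the version a bash binary reports. The script below is an added example, not part of the advisory or of GNU's patch; the function names and the --check option are hypothetical, and the range is taken from this page only.

```shell
#!/bin/sh
# Added example (not from the advisory): flag Bash versions inside the
# advisory's affected range, "GNU Bash <= 4.3 bash43-025" (4.3 patch level 25).
# Distributions often backport fixes without raising the patch level, so a
# hit means "check the package's patch status", not proof of exposure.

AFFECTED_MAJOR=4
AFFECTED_MINOR=3
AFFECTED_PATCH=25

# bash_version_affected VERSION
#   VERSION is a $BASH_VERSION-style string such as "4.3.25(1)-release".
#   Returns 0 = in affected range, 1 = newer, 2 = could not parse.
bash_version_affected() {
    v=${1%%[!0-9.]*}                 # drop "(1)-release" and similar suffixes
    case $v in
        ''|.*|*..*) return 2 ;;      # empty or malformed numeric part
    esac
    old_ifs=$IFS; IFS=.
    set -- $v                        # split on dots into $1 $2 $3
    IFS=$old_ifs
    major=$1; minor=${2:-0}; patch=${3:-0}

    [ "$major" -lt "$AFFECTED_MAJOR" ] && return 0
    [ "$major" -gt "$AFFECTED_MAJOR" ] && return 1
    [ "$minor" -lt "$AFFECTED_MINOR" ] && return 0
    [ "$minor" -gt "$AFFECTED_MINOR" ] && return 1
    [ "$patch" -le "$AFFECTED_PATCH" ] && return 0
    return 1
}

# installed_bash_version [PATH]
#   Prints the version reported by a bash binary (default: bash in PATH).
installed_bash_version() {
    "${1:-bash}" -c 'printf "%s\n" "$BASH_VERSION"'
}

# Run as: sh check_bash.sh --check [/path/to/bash]  (script name is an example)
if [ "${1:-}" = "--check" ]; then
    ver=$(installed_bash_version "${2:-bash}") || exit 2
    rc=0; bash_version_affected "$ver" || rc=$?
    case $rc in
        0) echo "bash $ver: within affected range, verify vendor patch status" ;;
        1) echo "bash $ver: newer than the affected range" ;;
        *) echo "bash version '$ver' could not be parsed"; exit 2 ;;
    esac
fi
```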