| Summary: | app-shells/ksh: some environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868) | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Mike Gilbert <floppym> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | | |
| Severity: | normal | CC: | floppym |
| Priority: | Normal | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| URL: | https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2 | | |
| See Also: | https://bugzilla.redhat.com/show_bug.cgi?id=1757324 | | |
| Whiteboard: | ~2 [noglsa cve] | | |
| Package list: | | Runtime testing required: | --- |
Description
Mike Gilbert
2020-02-07 15:56:08 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=17c85a06ac2f352567348a04c4f682c950105417

commit 17c85a06ac2f352567348a04c4f682c950105417
Author: Mike Gilbert <floppym@gentoo.org>
AuthorDate: 2020-02-07 16:07:03 +0000
Commit: Mike Gilbert <floppym@gentoo.org>
CommitDate: 2020-02-07 16:07:24 +0000

app-shells/ksh: add fix for CVE-2019-14868

Bug: https://bugs.gentoo.org/708618
Package-Manager: Portage-2.3.86_p1, Repoman-2.3.20_p43
Signed-off-by: Mike Gilbert <floppym@gentoo.org>

app-shells/ksh/files/CVE-2019-14868.patch | 89 ++++++++++++++++++++++
...{ksh-2020.0.0.ebuild => ksh-2020.0.0-r1.ebuild} | 3 +-
2 files changed, 91 insertions(+), 1 deletion(-)

Tree is clean.

CVE-2019-14868 (https://nvd.nist.gov/vuln/detail/CVE-2019-14868):
In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.