zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user.
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2018:1932 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2018:3073 | Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=1563395 | Issue Tracking Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2020/12/msg00000.html | |
https://security.gentoo.org/glsa/201805-10 | Third Party Advisory |
https://sourceforge.net/p/zsh/code/ci/31f72205630687c1cef89347863aab355296a27f/ | Patch |
https://usn.ubuntu.com/3764-1/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
07 Nov 2023, 02:55
Type | Values Removed | Values Added |
---|---|---|
CWE |
13 Feb 2023, 04:53
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-120 CWE-121 |
|
References |
|
|
Summary | zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user. |
02 Feb 2023, 21:18
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | A buffer overflow flaw was found in the zsh shell check path functionality. A local, unprivileged user can create a specially crafted message file, which, if used to set a custom "you have new mail" message, leads to code execution in the context of the user who receives the message. If the user affected is privileged, this leads to privilege escalation. |
Information
Published : 2018-04-11 19:29
Updated : 2023-12-10 12:30
NVD link : CVE-2018-1100
Mitre link : CVE-2018-1100
CVE.ORG link : CVE-2018-1100
JSON object : View
Products Affected
redhat
- enterprise_linux_desktop
- enterprise_linux_workstation
- enterprise_linux_server
zsh
- zsh
canonical
- ubuntu_linux