BASH_CMDS is writable in restricted bash shells (fixed upstream, need to backport patch)
Bug #1803441 reported by
Andrew Zonenberg
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
bash (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Trusty |
Fix Released
|
Undecided
|
Leonidas S. Barbosa |
Bug Description
In 14.04 LTS, the BASH_CMDS variable is writable in rbash. This allows a trivial escape from rbash to run arbitrary shell commands.
This issue is fixed upstream: http://
CVE References
information type: | Private Security → Public Security |
Changed in bash (Ubuntu Trusty): | |
status: | New → In Progress |
assignee: | nobody → Leonidas S. Barbosa (leosilvab) |
To post a comment you must log in.
Hi Andrew, thanks for reporting this. Do you know if a CVE was assigned for this issue?