Input validation error in Bash

#VU39367 Input validation error in Bash

Cybersecurity Help s.r.o.

Published: 2017-03-27 | Updated: 2020-08-08

Vulnerability identifier: #VU39367

Vulnerability risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-5932

CWE-ID: CWE-20

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Bash
Universal components / Libraries / Scripting languages

Vendor: GNU

Description

The vulnerability allows a local authenticated user to execute arbitrary code.

The path autocompletion feature in Bash 4.4 allows local users to gain privileges via a crafted filename starting with a " (double quote) character and a command substitution metacharacter.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Bash: 4.4

External links
http://git.savannah.gnu.org/cgit/bash.git/commit/?id=4f747edc625815f449048579f6e65869914dd715
http://www.openwall.com/lists/oss-security/2017/02/08/3
http://www.securityfocus.com/bid/96136
http://lists.gnu.org/archive/html/bug-bash/2017-01/msg00034.html

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in IBM Cloud Transformation Advisor

Multiple vulnerabilities in IBM Netcool Operations Insight

Input validation error in GNU Bash