In utils.c in zsh before 5.4, symlink expansion had a buffer overflow.
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2018:1932 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2018:3073 | Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2020/12/msg00000.html | |
https://security.gentoo.org/glsa/201805-10 | Third Party Advisory |
https://sourceforge.net/p/zsh/code/ci/c7a9cf465dd620ef48d586026944d9bd7a0d5d6d | Patch Third Party Advisory |
https://usn.ubuntu.com/3593-1/ | Third Party Advisory |
Configurations
History
No history.
Information
Published : 2018-02-27 22:29
Updated : 2024-02-04 19:46
NVD link : CVE-2017-18206
Mitre link : CVE-2017-18206
CVE.ORG link : CVE-2017-18206
JSON object : View
Products Affected
canonical
- ubuntu_linux
zsh
- zsh
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer