SB2018040913 - Fedora 28 update for zsh
Published: April 9, 2018 Updated: April 24, 2025
Security Bulletin ID
SB2018040913
Severity
Low
Patch available
YES
Number of vulnerabilities
3
Exploitation vector
Local access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) Stack-based buffer overflow (CVE-ID: CVE-2018-1100)
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The vulnerability exists due to stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker can trigger memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
2) Buffer overflow (CVE-ID: CVE-2018-1083)
The vulnerability allows a local attacker to gain elevated privileges on the target system.The weakness exists in the compctl.c source code file due to insufficient bounds checking on the PATH_MAX-sized buffer used for file completion candidates. A local attacker can create a malicious directory path, trick the victim into using the autocomplete functionality to traverse the path, trigger buffer overflow and execute arbitrary code with root privileges.
Successful exploitation of the vulnerability may result in system compromise.
3) Stack-based buffer overflow (CVE-ID: CVE-2018-1071)
The vulnerability allows a local attacker to cause DOS condition on the target system.The weakness exists in the exec.c:hashcmd() function due to stack-based buffer overflow. A local attacker can trigger memory corruption and cause the service to crash.
Remediation
Install update from vendor's website.