vulnerability

Huawei EulerOS: CVE-2019-18276: bash security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:N/C:C/I:C/A:C)	11/28/2019	02/26/2020	03/05/2020

Severity

CVSS

(AV:L/AC:L/Au:N/C:C/I:C/A:C)

Published

11/28/2019

Added

02/26/2020

Modified

03/05/2020

Description

An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support "saved UID" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use "enable -f" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected.

Solution(s)

huawei-euleros-2_0_sp8-upgrade-bashhuawei-euleros-2_0_sp8-upgrade-bash-doc

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today