FS#57988 : [zsh] CVE-2018-1083 zsh: Stack-based buffer overflow in gen_matches

FS#57988 - [zsh] CVE-2018-1083 zsh: Stack-based buffer overflow in gen_matches_files() at compctl.c

Attached to Project: Arch Linux
Opened by Karol Babioch (kbabioch) - Tuesday, 27 March 2018, 08:15 GMT
Last edited by Jelle van der Waa (jelly) - Saturday, 05 January 2019, 16:18 GMT

Task Type	Bug Report
Category	Security
Status	Closed
Assigned To	Pierre Schmitz (Pierre) Levente Polyak (anthraxx)
Architecture	All
Severity	Low
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

zsh is vulnerable to a stack-based buffer overflow in the gen_matches_files() function. A local attacker could exploit this through tab completion of directories with long names leading to arbitrary code execution.

Upstream fix:
https://sourceforge.net/p/zsh/code/ci/259ac472eac291c8c103c7a0d8a4eaf3c2942ed7

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1557382
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1083

This task depends upon

Closed by Jelle van der Waa (jelly)
Saturday, 05 January 2019, 16:18 GMT
Reason for closing: Deferred
Additional comments about closing: Arch has zsh 5.6.2, issue was fixed in 5.4.2

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#57988 - [zsh] CVE-2018-1083 zsh: Stack-based buffer overflow in gen_matches_files() at compctl.c

Details

Loading...