Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-14868
Vulnerability from cvelistv5
Published
2020-04-02 16:48
Modified
2024-08-05 00:26
Severity ?
EPSS score ?
Summary
In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T00:26:39.141Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT211170", }, { name: "20200529 APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2020/May/53", }, { name: "[debian-lts-announce] 20200720 [SECURITY] [DLA 2284-1] ksh security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ksh", vendor: "KornShell", versions: [ { status: "affected", version: "20120801", }, ], }, ], descriptions: [ { lang: "en", value: "In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-20T23:06:17", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT211170", }, { name: "20200529 APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2020/May/53", }, { name: "[debian-lts-announce] 20200720 [SECURITY] [DLA 2284-1] ksh security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2019-14868", datePublished: "2020-04-02T16:48:57", dateReserved: "2019-08-10T00:00:00", dateUpdated: "2024-08-05T00:26:39.141Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2019-14868\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2020-04-02T17:15:13.990\",\"lastModified\":\"2024-11-21T04:27:32.553\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.\"},{\"lang\":\"es\",\"value\":\"En ksh versión 20120801, se detectó un fallo en la manera que evalúa determinadas variables de entorno. Un atacante podría usar este fallo para anular u omitir unas restricciones del entorno para ejecutar comandos de shell. Los servicios y las aplicaciones permiten a atacantes remotos no autenticados proporcionar una de esas variables de entorno que podrían permitirles explotar este problema remotamente.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.4,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-77\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-77\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ksh_project:ksh:20120801:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C453FD9C-7375-4E2E-84AD-ABC3CC786153\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.15.5\",\"matchCriteriaId\":\"99973242-A249-4C34-B042-5F833AE73708\"}]}]}],\"references\":[{\"url\":\"http://seclists.org/fulldisclosure/2020/May/53\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT211170\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2020/May/53\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT211170\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}", }, }
rhsa-2020:0515
Vulnerability from csaf_redhat
Published
2020-02-17 09:03
Modified
2024-11-22 14:25
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:0515", url: "https://access.redhat.com/errata/RHSA-2020:0515", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0515.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:25:24+00:00", generator: { date: "2024-11-22T14:25:24+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:0515", initial_release_date: "2020-02-17T09:03:47+00:00", revision_history: [ { date: "2020-02-17T09:03:47+00:00", number: "1", summary: "Initial version", }, { date: "2020-02-17T09:03:47+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:25:24+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Desktop (v. 6)", product: { name: "Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux HPC Node (v. 6)", product: { name: "Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 6)", product: { name: "Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 6)", product: { name: "Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::workstation", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-38.el6_10.i686", product: { name: "ksh-0:20120801-38.el6_10.i686", product_id: "ksh-0:20120801-38.el6_10.i686", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-38.el6_10?arch=i686", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-38.el6_10.i686", product: { name: "ksh-debuginfo-0:20120801-38.el6_10.i686", product_id: "ksh-debuginfo-0:20120801-38.el6_10.i686", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-38.el6_10?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-38.el6_10.x86_64", product: { name: "ksh-0:20120801-38.el6_10.x86_64", product_id: "ksh-0:20120801-38.el6_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-38.el6_10?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-38.el6_10.x86_64", product: { name: "ksh-debuginfo-0:20120801-38.el6_10.x86_64", product_id: "ksh-debuginfo-0:20120801-38.el6_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-38.el6_10?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-38.el6_10.src", product: { name: "ksh-0:20120801-38.el6_10.src", product_id: "ksh-0:20120801-38.el6_10.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-38.el6_10?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-38.el6_10.s390x", product: { name: "ksh-0:20120801-38.el6_10.s390x", product_id: "ksh-0:20120801-38.el6_10.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-38.el6_10?arch=s390x", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-38.el6_10.s390x", product: { name: "ksh-debuginfo-0:20120801-38.el6_10.s390x", product_id: "ksh-debuginfo-0:20120801-38.el6_10.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-38.el6_10?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-38.el6_10.ppc64", product: { name: "ksh-0:20120801-38.el6_10.ppc64", product_id: "ksh-0:20120801-38.el6_10.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-38.el6_10?arch=ppc64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-38.el6_10.ppc64", product: { name: "ksh-debuginfo-0:20120801-38.el6_10.ppc64", product_id: "ksh-debuginfo-0:20120801-38.el6_10.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-38.el6_10?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-0:20120801-38.el6_10.i686", }, product_reference: "ksh-0:20120801-38.el6_10.i686", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-0:20120801-38.el6_10.ppc64", }, product_reference: "ksh-0:20120801-38.el6_10.ppc64", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-0:20120801-38.el6_10.s390x", }, product_reference: "ksh-0:20120801-38.el6_10.s390x", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.src as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-0:20120801-38.el6_10.src", }, product_reference: "ksh-0:20120801-38.el6_10.src", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-0:20120801-38.el6_10.x86_64", }, product_reference: "ksh-0:20120801-38.el6_10.x86_64", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.i686", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.ppc64", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.s390x", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.x86_64", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.i686", }, product_reference: "ksh-0:20120801-38.el6_10.i686", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.ppc64", }, product_reference: "ksh-0:20120801-38.el6_10.ppc64", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.s390x", }, product_reference: "ksh-0:20120801-38.el6_10.s390x", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.src", }, product_reference: "ksh-0:20120801-38.el6_10.src", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.x86_64", }, product_reference: "ksh-0:20120801-38.el6_10.x86_64", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.i686", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.ppc64", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.s390x", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.x86_64", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-0:20120801-38.el6_10.i686", }, product_reference: "ksh-0:20120801-38.el6_10.i686", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-0:20120801-38.el6_10.ppc64", }, product_reference: "ksh-0:20120801-38.el6_10.ppc64", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-0:20120801-38.el6_10.s390x", }, product_reference: "ksh-0:20120801-38.el6_10.s390x", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.src as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-0:20120801-38.el6_10.src", }, product_reference: "ksh-0:20120801-38.el6_10.src", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-0:20120801-38.el6_10.x86_64", }, product_reference: "ksh-0:20120801-38.el6_10.x86_64", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.i686", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.ppc64", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.s390x", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.x86_64", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.i686", }, product_reference: "ksh-0:20120801-38.el6_10.i686", relates_to_product_reference: "6Workstation-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.ppc64", }, product_reference: "ksh-0:20120801-38.el6_10.ppc64", relates_to_product_reference: "6Workstation-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.s390x", }, product_reference: "ksh-0:20120801-38.el6_10.s390x", relates_to_product_reference: "6Workstation-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.src as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.src", }, product_reference: "ksh-0:20120801-38.el6_10.src", relates_to_product_reference: "6Workstation-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.x86_64", }, product_reference: "ksh-0:20120801-38.el6_10.x86_64", relates_to_product_reference: "6Workstation-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.i686", relates_to_product_reference: "6Workstation-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.ppc64", relates_to_product_reference: "6Workstation-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.s390x", relates_to_product_reference: "6Workstation-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.x86_64", relates_to_product_reference: "6Workstation-6.10.z", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Client-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Client-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Client-6.10.z:ksh-0:20120801-38.el6_10.src", "6Client-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.i686", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.src", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6Server-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Server-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Server-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Server-6.10.z:ksh-0:20120801-38.el6_10.src", "6Server-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.src", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-02-17T09:03:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Client-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Client-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Client-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Client-6.10.z:ksh-0:20120801-38.el6_10.src", "6Client-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.i686", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.src", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6Server-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Server-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Server-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Server-6.10.z:ksh-0:20120801-38.el6_10.src", "6Server-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.src", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0515", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "6Client-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Client-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Client-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Client-6.10.z:ksh-0:20120801-38.el6_10.src", "6Client-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.i686", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.src", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6Server-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Server-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Server-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Server-6.10.z:ksh-0:20120801-38.el6_10.src", "6Server-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.src", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "6Client-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Client-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Client-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Client-6.10.z:ksh-0:20120801-38.el6_10.src", "6Client-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.i686", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.src", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6Server-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Server-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Server-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Server-6.10.z:ksh-0:20120801-38.el6_10.src", "6Server-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.src", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
RHSA-2020:2210
Vulnerability from csaf_redhat
Published
2020-05-19 22:43
Modified
2024-11-22 14:26
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:2210", url: "https://access.redhat.com/errata/RHSA-2020:2210", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2210.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:26:01+00:00", generator: { date: "2024-11-22T14:26:01+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:2210", initial_release_date: "2020-05-19T22:43:17+00:00", revision_history: [ { date: "2020-05-19T22:43:17+00:00", number: "1", summary: "Initial version", }, { date: "2020-05-19T22:43:17+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:26:01+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Server AUS (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server E4S (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_e4s:7.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server TUS (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_tus:7.4::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-36.el7_4.x86_64", product: { name: "ksh-0:20120801-36.el7_4.x86_64", product_id: "ksh-0:20120801-36.el7_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-36.el7_4?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-36.el7_4.x86_64", product: { name: "ksh-debuginfo-0:20120801-36.el7_4.x86_64", product_id: "ksh-debuginfo-0:20120801-36.el7_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-36.el7_4?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-36.el7_4.src", product: { name: "ksh-0:20120801-36.el7_4.src", product_id: "ksh-0:20120801-36.el7_4.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-36.el7_4?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-36.el7_4.ppc64le", product: { name: "ksh-0:20120801-36.el7_4.ppc64le", product_id: "ksh-0:20120801-36.el7_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-36.el7_4?arch=ppc64le", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-36.el7_4.ppc64le", product: { name: "ksh-debuginfo-0:20120801-36.el7_4.ppc64le", product_id: "ksh-debuginfo-0:20120801-36.el7_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-36.el7_4?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-36.el7_4.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.src", }, product_reference: "ksh-0:20120801-36.el7_4.src", relates_to_product_reference: "7Server-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.x86_64", }, product_reference: "ksh-0:20120801-36.el7_4.x86_64", relates_to_product_reference: "7Server-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-36.el7_4.x86_64", relates_to_product_reference: "7Server-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-36.el7_4.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.ppc64le", }, product_reference: "ksh-0:20120801-36.el7_4.ppc64le", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-36.el7_4.src as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.src", }, product_reference: "ksh-0:20120801-36.el7_4.src", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.x86_64", }, product_reference: "ksh-0:20120801-36.el7_4.x86_64", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-36.el7_4.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-36.el7_4.ppc64le", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-36.el7_4.x86_64", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-36.el7_4.src as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.src", }, product_reference: "ksh-0:20120801-36.el7_4.src", relates_to_product_reference: "7Server-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.x86_64", }, product_reference: "ksh-0:20120801-36.el7_4.x86_64", relates_to_product_reference: "7Server-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-36.el7_4.x86_64", relates_to_product_reference: "7Server-7.4.TUS", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.src", "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.AUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.ppc64le", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.src", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.ppc64le", "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.x86_64", "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.src", "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.TUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-05-19T22:43:17+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.src", "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.AUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.ppc64le", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.src", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.ppc64le", "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.x86_64", "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.src", "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.TUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2210", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.src", "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.AUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.ppc64le", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.src", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.ppc64le", "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.x86_64", "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.src", "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.TUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.src", "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.AUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.ppc64le", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.src", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.ppc64le", "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.x86_64", "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.src", "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.TUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
rhsa-2020:0568
Vulnerability from csaf_redhat
Published
2020-02-24 09:05
Modified
2024-11-22 14:25
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:0568", url: "https://access.redhat.com/errata/RHSA-2020:0568", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0568.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:25:39+00:00", generator: { date: "2024-11-22T14:25:39+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:0568", initial_release_date: "2020-02-24T09:05:27+00:00", revision_history: [ { date: "2020-02-24T09:05:27+00:00", number: "1", summary: "Initial version", }, { date: "2020-02-24T09:05:27+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:25:39+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Client (v. 7)", product: { name: "Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 7)", product: { name: "Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_7.x86_64", product: { name: "ksh-0:20120801-140.el7_7.x86_64", product_id: "ksh-0:20120801-140.el7_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_7?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-140.el7_7.x86_64", product: { name: "ksh-debuginfo-0:20120801-140.el7_7.x86_64", product_id: "ksh-debuginfo-0:20120801-140.el7_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_7?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_7.src", product: { name: "ksh-0:20120801-140.el7_7.src", product_id: "ksh-0:20120801-140.el7_7.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_7?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_7.s390x", product: { name: "ksh-0:20120801-140.el7_7.s390x", product_id: "ksh-0:20120801-140.el7_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_7?arch=s390x", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-140.el7_7.s390x", product: { name: "ksh-debuginfo-0:20120801-140.el7_7.s390x", product_id: "ksh-debuginfo-0:20120801-140.el7_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_7?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_7.ppc64", product: { name: "ksh-0:20120801-140.el7_7.ppc64", product_id: "ksh-0:20120801-140.el7_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_7?arch=ppc64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64", product: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64", product_id: "ksh-debuginfo-0:20120801-140.el7_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_7?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_7.ppc64le", product: { name: "ksh-0:20120801-140.el7_7.ppc64le", product_id: "ksh-0:20120801-140.el7_7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_7?arch=ppc64le", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le", product: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le", product_id: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_7?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", }, product_reference: "ksh-0:20120801-140.el7_7.ppc64", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", }, product_reference: "ksh-0:20120801-140.el7_7.ppc64le", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-0:20120801-140.el7_7.s390x", }, product_reference: "ksh-0:20120801-140.el7_7.s390x", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.src as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-0:20120801-140.el7_7.src", }, product_reference: "ksh-0:20120801-140.el7_7.src", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", }, product_reference: "ksh-0:20120801-140.el7_7.x86_64", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.ppc64", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.s390x", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.x86_64", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", }, product_reference: "ksh-0:20120801-140.el7_7.ppc64", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", }, product_reference: "ksh-0:20120801-140.el7_7.ppc64le", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.s390x", }, product_reference: "ksh-0:20120801-140.el7_7.s390x", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.src", }, product_reference: "ksh-0:20120801-140.el7_7.src", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", }, product_reference: "ksh-0:20120801-140.el7_7.x86_64", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.ppc64", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.s390x", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.x86_64", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", }, product_reference: "ksh-0:20120801-140.el7_7.ppc64", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", }, product_reference: "ksh-0:20120801-140.el7_7.ppc64le", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-0:20120801-140.el7_7.s390x", }, product_reference: "ksh-0:20120801-140.el7_7.s390x", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.src as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-0:20120801-140.el7_7.src", }, product_reference: "ksh-0:20120801-140.el7_7.src", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", }, product_reference: "ksh-0:20120801-140.el7_7.x86_64", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.ppc64", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.s390x", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.x86_64", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", }, product_reference: "ksh-0:20120801-140.el7_7.ppc64", relates_to_product_reference: "7Workstation-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", }, product_reference: "ksh-0:20120801-140.el7_7.ppc64le", relates_to_product_reference: "7Workstation-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.s390x", }, product_reference: "ksh-0:20120801-140.el7_7.s390x", relates_to_product_reference: "7Workstation-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.src", }, product_reference: "ksh-0:20120801-140.el7_7.src", relates_to_product_reference: "7Workstation-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", }, product_reference: "ksh-0:20120801-140.el7_7.x86_64", relates_to_product_reference: "7Workstation-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.ppc64", relates_to_product_reference: "7Workstation-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le", relates_to_product_reference: "7Workstation-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.s390x", relates_to_product_reference: "7Workstation-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.x86_64", relates_to_product_reference: "7Workstation-7.7.Z", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.src", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-02-24T09:05:27+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.src", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0568", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.src", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.src", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
rhsa-2020_2210
Vulnerability from csaf_redhat
Published
2020-05-19 22:43
Modified
2024-11-22 14:26
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:2210", url: "https://access.redhat.com/errata/RHSA-2020:2210", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2210.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:26:01+00:00", generator: { date: "2024-11-22T14:26:01+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:2210", initial_release_date: "2020-05-19T22:43:17+00:00", revision_history: [ { date: "2020-05-19T22:43:17+00:00", number: "1", summary: "Initial version", }, { date: "2020-05-19T22:43:17+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:26:01+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Server AUS (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server E4S (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_e4s:7.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server TUS (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_tus:7.4::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-36.el7_4.x86_64", product: { name: "ksh-0:20120801-36.el7_4.x86_64", product_id: "ksh-0:20120801-36.el7_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-36.el7_4?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-36.el7_4.x86_64", product: { name: "ksh-debuginfo-0:20120801-36.el7_4.x86_64", product_id: "ksh-debuginfo-0:20120801-36.el7_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-36.el7_4?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-36.el7_4.src", product: { name: "ksh-0:20120801-36.el7_4.src", product_id: "ksh-0:20120801-36.el7_4.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-36.el7_4?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-36.el7_4.ppc64le", product: { name: "ksh-0:20120801-36.el7_4.ppc64le", product_id: "ksh-0:20120801-36.el7_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-36.el7_4?arch=ppc64le", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-36.el7_4.ppc64le", product: { name: "ksh-debuginfo-0:20120801-36.el7_4.ppc64le", product_id: "ksh-debuginfo-0:20120801-36.el7_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-36.el7_4?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-36.el7_4.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.src", }, product_reference: "ksh-0:20120801-36.el7_4.src", relates_to_product_reference: "7Server-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.x86_64", }, product_reference: "ksh-0:20120801-36.el7_4.x86_64", relates_to_product_reference: "7Server-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-36.el7_4.x86_64", relates_to_product_reference: "7Server-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-36.el7_4.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.ppc64le", }, product_reference: "ksh-0:20120801-36.el7_4.ppc64le", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-36.el7_4.src as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.src", }, product_reference: "ksh-0:20120801-36.el7_4.src", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.x86_64", }, product_reference: "ksh-0:20120801-36.el7_4.x86_64", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-36.el7_4.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-36.el7_4.ppc64le", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-36.el7_4.x86_64", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-36.el7_4.src as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.src", }, product_reference: "ksh-0:20120801-36.el7_4.src", relates_to_product_reference: "7Server-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.x86_64", }, product_reference: "ksh-0:20120801-36.el7_4.x86_64", relates_to_product_reference: "7Server-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-36.el7_4.x86_64", relates_to_product_reference: "7Server-7.4.TUS", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.src", "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.AUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.ppc64le", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.src", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.ppc64le", "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.x86_64", "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.src", "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.TUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-05-19T22:43:17+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.src", "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.AUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.ppc64le", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.src", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.ppc64le", "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.x86_64", "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.src", "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.TUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2210", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.src", "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.AUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.ppc64le", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.src", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.ppc64le", "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.x86_64", "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.src", "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.TUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.src", "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.AUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.ppc64le", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.src", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.ppc64le", "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.x86_64", "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.src", "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.TUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
rhsa-2020_0568
Vulnerability from csaf_redhat
Published
2020-02-24 09:05
Modified
2024-11-22 14:25
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:0568", url: "https://access.redhat.com/errata/RHSA-2020:0568", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0568.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:25:39+00:00", generator: { date: "2024-11-22T14:25:39+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:0568", initial_release_date: "2020-02-24T09:05:27+00:00", revision_history: [ { date: "2020-02-24T09:05:27+00:00", number: "1", summary: "Initial version", }, { date: "2020-02-24T09:05:27+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:25:39+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Client (v. 7)", product: { name: "Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 7)", product: { name: "Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_7.x86_64", product: { name: "ksh-0:20120801-140.el7_7.x86_64", product_id: "ksh-0:20120801-140.el7_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_7?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-140.el7_7.x86_64", product: { name: "ksh-debuginfo-0:20120801-140.el7_7.x86_64", product_id: "ksh-debuginfo-0:20120801-140.el7_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_7?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_7.src", product: { name: "ksh-0:20120801-140.el7_7.src", product_id: "ksh-0:20120801-140.el7_7.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_7?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_7.s390x", product: { name: "ksh-0:20120801-140.el7_7.s390x", product_id: "ksh-0:20120801-140.el7_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_7?arch=s390x", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-140.el7_7.s390x", product: { name: "ksh-debuginfo-0:20120801-140.el7_7.s390x", product_id: "ksh-debuginfo-0:20120801-140.el7_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_7?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_7.ppc64", product: { name: "ksh-0:20120801-140.el7_7.ppc64", product_id: "ksh-0:20120801-140.el7_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_7?arch=ppc64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64", product: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64", product_id: "ksh-debuginfo-0:20120801-140.el7_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_7?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_7.ppc64le", product: { name: "ksh-0:20120801-140.el7_7.ppc64le", product_id: "ksh-0:20120801-140.el7_7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_7?arch=ppc64le", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le", product: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le", product_id: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_7?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", }, product_reference: "ksh-0:20120801-140.el7_7.ppc64", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", }, product_reference: "ksh-0:20120801-140.el7_7.ppc64le", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-0:20120801-140.el7_7.s390x", }, product_reference: "ksh-0:20120801-140.el7_7.s390x", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.src as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-0:20120801-140.el7_7.src", }, product_reference: "ksh-0:20120801-140.el7_7.src", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", }, product_reference: "ksh-0:20120801-140.el7_7.x86_64", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.ppc64", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.s390x", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.x86_64", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", }, product_reference: "ksh-0:20120801-140.el7_7.ppc64", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", }, product_reference: "ksh-0:20120801-140.el7_7.ppc64le", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.s390x", }, product_reference: "ksh-0:20120801-140.el7_7.s390x", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.src", }, product_reference: "ksh-0:20120801-140.el7_7.src", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", }, product_reference: "ksh-0:20120801-140.el7_7.x86_64", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.ppc64", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.s390x", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.x86_64", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", }, product_reference: "ksh-0:20120801-140.el7_7.ppc64", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", }, product_reference: "ksh-0:20120801-140.el7_7.ppc64le", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-0:20120801-140.el7_7.s390x", }, product_reference: "ksh-0:20120801-140.el7_7.s390x", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.src as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-0:20120801-140.el7_7.src", }, product_reference: "ksh-0:20120801-140.el7_7.src", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", }, product_reference: "ksh-0:20120801-140.el7_7.x86_64", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.ppc64", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.s390x", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.x86_64", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", }, product_reference: "ksh-0:20120801-140.el7_7.ppc64", relates_to_product_reference: "7Workstation-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", }, product_reference: "ksh-0:20120801-140.el7_7.ppc64le", relates_to_product_reference: "7Workstation-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.s390x", }, product_reference: "ksh-0:20120801-140.el7_7.s390x", relates_to_product_reference: "7Workstation-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.src", }, product_reference: "ksh-0:20120801-140.el7_7.src", relates_to_product_reference: "7Workstation-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", }, product_reference: "ksh-0:20120801-140.el7_7.x86_64", relates_to_product_reference: "7Workstation-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.ppc64", relates_to_product_reference: "7Workstation-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le", relates_to_product_reference: "7Workstation-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.s390x", relates_to_product_reference: "7Workstation-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.x86_64", relates_to_product_reference: "7Workstation-7.7.Z", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.src", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-02-24T09:05:27+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.src", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0568", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.src", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.src", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
rhsa-2020:1332
Vulnerability from csaf_redhat
Published
2020-04-06 16:56
Modified
2024-11-22 14:25
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.5 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 7.5 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:1332", url: "https://access.redhat.com/errata/RHSA-2020:1332", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_1332.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:25:53+00:00", generator: { date: "2024-11-22T14:25:53+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:1332", initial_release_date: "2020-04-06T16:56:28+00:00", revision_history: [ { date: "2020-04-06T16:56:28+00:00", number: "1", summary: "Initial version", }, { date: "2020-04-06T16:56:28+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:25:53+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product: { name: "Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.5::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server EUS (v. 7.5)", product: { name: "Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.5::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-138.el7_5.x86_64", product: { name: "ksh-0:20120801-138.el7_5.x86_64", product_id: "ksh-0:20120801-138.el7_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-138.el7_5?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-138.el7_5.x86_64", product: { name: "ksh-debuginfo-0:20120801-138.el7_5.x86_64", product_id: "ksh-debuginfo-0:20120801-138.el7_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-138.el7_5?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-138.el7_5.src", product: { name: "ksh-0:20120801-138.el7_5.src", product_id: "ksh-0:20120801-138.el7_5.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-138.el7_5?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-138.el7_5.s390x", product: { name: "ksh-0:20120801-138.el7_5.s390x", product_id: "ksh-0:20120801-138.el7_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-138.el7_5?arch=s390x", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-138.el7_5.s390x", product: { name: "ksh-debuginfo-0:20120801-138.el7_5.s390x", product_id: "ksh-debuginfo-0:20120801-138.el7_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-138.el7_5?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-138.el7_5.ppc64", product: { name: "ksh-0:20120801-138.el7_5.ppc64", product_id: "ksh-0:20120801-138.el7_5.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-138.el7_5?arch=ppc64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-138.el7_5.ppc64", product: { name: "ksh-debuginfo-0:20120801-138.el7_5.ppc64", product_id: "ksh-debuginfo-0:20120801-138.el7_5.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-138.el7_5?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-138.el7_5.ppc64le", product: { name: "ksh-0:20120801-138.el7_5.ppc64le", product_id: "ksh-0:20120801-138.el7_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-138.el7_5?arch=ppc64le", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-138.el7_5.ppc64le", product: { name: "ksh-debuginfo-0:20120801-138.el7_5.ppc64le", product_id: "ksh-debuginfo-0:20120801-138.el7_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-138.el7_5?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", }, product_reference: "ksh-0:20120801-138.el7_5.ppc64", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", }, product_reference: "ksh-0:20120801-138.el7_5.ppc64le", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", }, product_reference: "ksh-0:20120801-138.el7_5.s390x", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.src as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.src", }, product_reference: "ksh-0:20120801-138.el7_5.src", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", }, product_reference: "ksh-0:20120801-138.el7_5.x86_64", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-138.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-138.el7_5.ppc64", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-138.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-138.el7_5.ppc64le", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-138.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", }, product_reference: "ksh-debuginfo-0:20120801-138.el7_5.s390x", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-138.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-138.el7_5.x86_64", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", }, product_reference: "ksh-0:20120801-138.el7_5.ppc64", relates_to_product_reference: "7Server-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", }, product_reference: "ksh-0:20120801-138.el7_5.ppc64le", relates_to_product_reference: "7Server-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", }, product_reference: "ksh-0:20120801-138.el7_5.s390x", relates_to_product_reference: "7Server-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.src", }, product_reference: "ksh-0:20120801-138.el7_5.src", relates_to_product_reference: "7Server-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", }, product_reference: "ksh-0:20120801-138.el7_5.x86_64", relates_to_product_reference: "7Server-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-138.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-138.el7_5.ppc64", relates_to_product_reference: "7Server-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-138.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-138.el7_5.ppc64le", relates_to_product_reference: "7Server-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-138.el7_5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", }, product_reference: "ksh-debuginfo-0:20120801-138.el7_5.s390x", relates_to_product_reference: "7Server-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-138.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-138.el7_5.x86_64", relates_to_product_reference: "7Server-7.5.EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.src", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.src", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-06T16:56:28+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.src", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.src", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:1332", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.src", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.src", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.src", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.src", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
rhsa-2020:1333
Vulnerability from csaf_redhat
Published
2020-04-06 17:33
Modified
2024-11-22 14:25
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:1333", url: "https://access.redhat.com/errata/RHSA-2020:1333", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_1333.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:25:46+00:00", generator: { date: "2024-11-22T14:25:46+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:1333", initial_release_date: "2020-04-06T17:33:52+00:00", revision_history: [ { date: "2020-04-06T17:33:52+00:00", number: "1", summary: "Initial version", }, { date: "2020-04-06T17:33:52+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:25:46+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product: { name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_6.s390x", product: { name: "ksh-0:20120801-140.el7_6.s390x", product_id: "ksh-0:20120801-140.el7_6.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_6?arch=s390x", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-140.el7_6.s390x", product: { name: "ksh-debuginfo-0:20120801-140.el7_6.s390x", product_id: "ksh-debuginfo-0:20120801-140.el7_6.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_6?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_6.ppc64le", product: { name: "ksh-0:20120801-140.el7_6.ppc64le", product_id: "ksh-0:20120801-140.el7_6.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_6?arch=ppc64le", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le", product: { name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le", product_id: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_6?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_6.src", product: { name: "ksh-0:20120801-140.el7_6.src", product_id: "ksh-0:20120801-140.el7_6.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_6?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_6.x86_64", product: { name: "ksh-0:20120801-140.el7_6.x86_64", product_id: "ksh-0:20120801-140.el7_6.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_6?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-140.el7_6.x86_64", product: { name: "ksh-debuginfo-0:20120801-140.el7_6.x86_64", product_id: "ksh-debuginfo-0:20120801-140.el7_6.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_6?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_6.ppc64", product: { name: "ksh-0:20120801-140.el7_6.ppc64", product_id: "ksh-0:20120801-140.el7_6.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_6?arch=ppc64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64", product: { name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64", product_id: "ksh-debuginfo-0:20120801-140.el7_6.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_6?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", }, product_reference: "ksh-0:20120801-140.el7_6.ppc64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", }, product_reference: "ksh-0:20120801-140.el7_6.ppc64le", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", }, product_reference: "ksh-0:20120801-140.el7_6.s390x", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.src as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.src", }, product_reference: "ksh-0:20120801-140.el7_6.src", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", }, product_reference: "ksh-0:20120801-140.el7_6.x86_64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.ppc64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.s390x", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.x86_64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", }, product_reference: "ksh-0:20120801-140.el7_6.ppc64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", }, product_reference: "ksh-0:20120801-140.el7_6.ppc64le", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", }, product_reference: "ksh-0:20120801-140.el7_6.s390x", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.src", }, product_reference: "ksh-0:20120801-140.el7_6.src", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", }, product_reference: "ksh-0:20120801-140.el7_6.x86_64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.ppc64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.s390x", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.x86_64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64", }, product_reference: "ksh-0:20120801-140.el7_6.ppc64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64le", }, product_reference: "ksh-0:20120801-140.el7_6.ppc64le", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.s390x", }, product_reference: "ksh-0:20120801-140.el7_6.s390x", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.src", }, product_reference: "ksh-0:20120801-140.el7_6.src", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.x86_64", }, product_reference: "ksh-0:20120801-140.el7_6.x86_64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.ppc64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.s390x", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.x86_64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.src", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.src", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64le", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.s390x", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.src", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.x86_64", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-06T17:33:52+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.src", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.src", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64le", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.s390x", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.src", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.x86_64", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:1333", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.src", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.src", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64le", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.s390x", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.src", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.x86_64", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.src", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.src", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64le", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.s390x", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.src", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.x86_64", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
rhsa-2020_1332
Vulnerability from csaf_redhat
Published
2020-04-06 16:56
Modified
2024-11-22 14:25
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.5 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 7.5 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:1332", url: "https://access.redhat.com/errata/RHSA-2020:1332", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_1332.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:25:53+00:00", generator: { date: "2024-11-22T14:25:53+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:1332", initial_release_date: "2020-04-06T16:56:28+00:00", revision_history: [ { date: "2020-04-06T16:56:28+00:00", number: "1", summary: "Initial version", }, { date: "2020-04-06T16:56:28+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:25:53+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product: { name: "Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.5::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server EUS (v. 7.5)", product: { name: "Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.5::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-138.el7_5.x86_64", product: { name: "ksh-0:20120801-138.el7_5.x86_64", product_id: "ksh-0:20120801-138.el7_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-138.el7_5?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-138.el7_5.x86_64", product: { name: "ksh-debuginfo-0:20120801-138.el7_5.x86_64", product_id: "ksh-debuginfo-0:20120801-138.el7_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-138.el7_5?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-138.el7_5.src", product: { name: "ksh-0:20120801-138.el7_5.src", product_id: "ksh-0:20120801-138.el7_5.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-138.el7_5?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-138.el7_5.s390x", product: { name: "ksh-0:20120801-138.el7_5.s390x", product_id: "ksh-0:20120801-138.el7_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-138.el7_5?arch=s390x", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-138.el7_5.s390x", product: { name: "ksh-debuginfo-0:20120801-138.el7_5.s390x", product_id: "ksh-debuginfo-0:20120801-138.el7_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-138.el7_5?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-138.el7_5.ppc64", product: { name: "ksh-0:20120801-138.el7_5.ppc64", product_id: "ksh-0:20120801-138.el7_5.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-138.el7_5?arch=ppc64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-138.el7_5.ppc64", product: { name: "ksh-debuginfo-0:20120801-138.el7_5.ppc64", product_id: "ksh-debuginfo-0:20120801-138.el7_5.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-138.el7_5?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-138.el7_5.ppc64le", product: { name: "ksh-0:20120801-138.el7_5.ppc64le", product_id: "ksh-0:20120801-138.el7_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-138.el7_5?arch=ppc64le", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-138.el7_5.ppc64le", product: { name: "ksh-debuginfo-0:20120801-138.el7_5.ppc64le", product_id: "ksh-debuginfo-0:20120801-138.el7_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-138.el7_5?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", }, product_reference: "ksh-0:20120801-138.el7_5.ppc64", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", }, product_reference: "ksh-0:20120801-138.el7_5.ppc64le", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", }, product_reference: "ksh-0:20120801-138.el7_5.s390x", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.src as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.src", }, product_reference: "ksh-0:20120801-138.el7_5.src", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", }, product_reference: "ksh-0:20120801-138.el7_5.x86_64", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-138.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-138.el7_5.ppc64", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-138.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-138.el7_5.ppc64le", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-138.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", }, product_reference: "ksh-debuginfo-0:20120801-138.el7_5.s390x", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-138.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-138.el7_5.x86_64", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", }, product_reference: "ksh-0:20120801-138.el7_5.ppc64", relates_to_product_reference: "7Server-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", }, product_reference: "ksh-0:20120801-138.el7_5.ppc64le", relates_to_product_reference: "7Server-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", }, product_reference: "ksh-0:20120801-138.el7_5.s390x", relates_to_product_reference: "7Server-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.src", }, product_reference: "ksh-0:20120801-138.el7_5.src", relates_to_product_reference: "7Server-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", }, product_reference: "ksh-0:20120801-138.el7_5.x86_64", relates_to_product_reference: "7Server-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-138.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-138.el7_5.ppc64", relates_to_product_reference: "7Server-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-138.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-138.el7_5.ppc64le", relates_to_product_reference: "7Server-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-138.el7_5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", }, product_reference: "ksh-debuginfo-0:20120801-138.el7_5.s390x", relates_to_product_reference: "7Server-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-138.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-138.el7_5.x86_64", relates_to_product_reference: "7Server-7.5.EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.src", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.src", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-06T16:56:28+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.src", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.src", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:1332", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.src", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.src", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.src", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.src", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
rhsa-2020_1333
Vulnerability from csaf_redhat
Published
2020-04-06 17:33
Modified
2024-11-22 14:25
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:1333", url: "https://access.redhat.com/errata/RHSA-2020:1333", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_1333.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:25:46+00:00", generator: { date: "2024-11-22T14:25:46+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:1333", initial_release_date: "2020-04-06T17:33:52+00:00", revision_history: [ { date: "2020-04-06T17:33:52+00:00", number: "1", summary: "Initial version", }, { date: "2020-04-06T17:33:52+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:25:46+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product: { name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_6.s390x", product: { name: "ksh-0:20120801-140.el7_6.s390x", product_id: "ksh-0:20120801-140.el7_6.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_6?arch=s390x", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-140.el7_6.s390x", product: { name: "ksh-debuginfo-0:20120801-140.el7_6.s390x", product_id: "ksh-debuginfo-0:20120801-140.el7_6.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_6?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_6.ppc64le", product: { name: "ksh-0:20120801-140.el7_6.ppc64le", product_id: "ksh-0:20120801-140.el7_6.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_6?arch=ppc64le", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le", product: { name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le", product_id: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_6?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_6.src", product: { name: "ksh-0:20120801-140.el7_6.src", product_id: "ksh-0:20120801-140.el7_6.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_6?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_6.x86_64", product: { name: "ksh-0:20120801-140.el7_6.x86_64", product_id: "ksh-0:20120801-140.el7_6.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_6?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-140.el7_6.x86_64", product: { name: "ksh-debuginfo-0:20120801-140.el7_6.x86_64", product_id: "ksh-debuginfo-0:20120801-140.el7_6.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_6?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_6.ppc64", product: { name: "ksh-0:20120801-140.el7_6.ppc64", product_id: "ksh-0:20120801-140.el7_6.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_6?arch=ppc64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64", product: { name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64", product_id: "ksh-debuginfo-0:20120801-140.el7_6.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_6?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", }, product_reference: "ksh-0:20120801-140.el7_6.ppc64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", }, product_reference: "ksh-0:20120801-140.el7_6.ppc64le", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", }, product_reference: "ksh-0:20120801-140.el7_6.s390x", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.src as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.src", }, product_reference: "ksh-0:20120801-140.el7_6.src", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", }, product_reference: "ksh-0:20120801-140.el7_6.x86_64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.ppc64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.s390x", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.x86_64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", }, product_reference: "ksh-0:20120801-140.el7_6.ppc64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", }, product_reference: "ksh-0:20120801-140.el7_6.ppc64le", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", }, product_reference: "ksh-0:20120801-140.el7_6.s390x", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.src", }, product_reference: "ksh-0:20120801-140.el7_6.src", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", }, product_reference: "ksh-0:20120801-140.el7_6.x86_64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.ppc64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.s390x", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.x86_64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64", }, product_reference: "ksh-0:20120801-140.el7_6.ppc64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64le", }, product_reference: "ksh-0:20120801-140.el7_6.ppc64le", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.s390x", }, product_reference: "ksh-0:20120801-140.el7_6.s390x", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.src", }, product_reference: "ksh-0:20120801-140.el7_6.src", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.x86_64", }, product_reference: "ksh-0:20120801-140.el7_6.x86_64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.ppc64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.s390x", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.x86_64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.src", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.src", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64le", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.s390x", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.src", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.x86_64", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-06T17:33:52+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.src", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.src", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64le", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.s390x", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.src", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.x86_64", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:1333", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.src", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.src", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64le", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.s390x", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.src", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.x86_64", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.src", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.src", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64le", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.s390x", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.src", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.x86_64", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
rhsa-2020:0431
Vulnerability from csaf_redhat
Published
2020-02-05 12:15
Modified
2024-11-22 14:25
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:0431", url: "https://access.redhat.com/errata/RHSA-2020:0431", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0431.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:25:17+00:00", generator: { date: "2024-11-22T14:25:17+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:0431", initial_release_date: "2020-02-05T12:15:54+00:00", revision_history: [ { date: "2020-02-05T12:15:54+00:00", number: "1", summary: "Initial version", }, { date: "2020-02-05T12:15:54+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:25:17+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product: { name: "Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product_id: "AppStream-8.0.0.Z.E4S", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_e4s:8.0::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-253.el8_0.ppc64le", product: { name: "ksh-0:20120801-253.el8_0.ppc64le", product_id: "ksh-0:20120801-253.el8_0.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-253.el8_0?arch=ppc64le", }, }, }, { category: "product_version", name: "ksh-debugsource-0:20120801-253.el8_0.ppc64le", product: { name: "ksh-debugsource-0:20120801-253.el8_0.ppc64le", product_id: "ksh-debugsource-0:20120801-253.el8_0.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_0?arch=ppc64le", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-253.el8_0.ppc64le", product: { name: "ksh-debuginfo-0:20120801-253.el8_0.ppc64le", product_id: "ksh-debuginfo-0:20120801-253.el8_0.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_0?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-253.el8_0.x86_64", product: { name: "ksh-0:20120801-253.el8_0.x86_64", product_id: "ksh-0:20120801-253.el8_0.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-253.el8_0?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debugsource-0:20120801-253.el8_0.x86_64", product: { name: "ksh-debugsource-0:20120801-253.el8_0.x86_64", product_id: "ksh-debugsource-0:20120801-253.el8_0.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_0?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-253.el8_0.x86_64", product: { name: "ksh-debuginfo-0:20120801-253.el8_0.x86_64", product_id: "ksh-debuginfo-0:20120801-253.el8_0.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_0?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-253.el8_0.src", product: { name: "ksh-0:20120801-253.el8_0.src", product_id: "ksh-0:20120801-253.el8_0.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-253.el8_0?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-253.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product_id: "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.ppc64le", }, product_reference: "ksh-0:20120801-253.el8_0.ppc64le", relates_to_product_reference: "AppStream-8.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-253.el8_0.src as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product_id: "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.src", }, product_reference: "ksh-0:20120801-253.el8_0.src", relates_to_product_reference: "AppStream-8.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-253.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product_id: "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.x86_64", }, product_reference: "ksh-0:20120801-253.el8_0.x86_64", relates_to_product_reference: "AppStream-8.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-253.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product_id: "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-253.el8_0.ppc64le", relates_to_product_reference: "AppStream-8.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-253.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product_id: "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-253.el8_0.x86_64", relates_to_product_reference: "AppStream-8.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-debugsource-0:20120801-253.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product_id: "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.ppc64le", }, product_reference: "ksh-debugsource-0:20120801-253.el8_0.ppc64le", relates_to_product_reference: "AppStream-8.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-debugsource-0:20120801-253.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product_id: "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.x86_64", }, product_reference: "ksh-debugsource-0:20120801-253.el8_0.x86_64", relates_to_product_reference: "AppStream-8.0.0.Z.E4S", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.src", "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.x86_64", "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.x86_64", "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-02-05T12:15:54+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.src", "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.x86_64", "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.x86_64", "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0431", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.src", "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.x86_64", "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.x86_64", "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.src", "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.x86_64", "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.x86_64", "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
RHSA-2020:1333
Vulnerability from csaf_redhat
Published
2020-04-06 17:33
Modified
2024-11-22 14:25
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:1333", url: "https://access.redhat.com/errata/RHSA-2020:1333", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_1333.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:25:46+00:00", generator: { date: "2024-11-22T14:25:46+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:1333", initial_release_date: "2020-04-06T17:33:52+00:00", revision_history: [ { date: "2020-04-06T17:33:52+00:00", number: "1", summary: "Initial version", }, { date: "2020-04-06T17:33:52+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:25:46+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product: { name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_6.s390x", product: { name: "ksh-0:20120801-140.el7_6.s390x", product_id: "ksh-0:20120801-140.el7_6.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_6?arch=s390x", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-140.el7_6.s390x", product: { name: "ksh-debuginfo-0:20120801-140.el7_6.s390x", product_id: "ksh-debuginfo-0:20120801-140.el7_6.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_6?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_6.ppc64le", product: { name: "ksh-0:20120801-140.el7_6.ppc64le", product_id: "ksh-0:20120801-140.el7_6.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_6?arch=ppc64le", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le", product: { name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le", product_id: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_6?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_6.src", product: { name: "ksh-0:20120801-140.el7_6.src", product_id: "ksh-0:20120801-140.el7_6.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_6?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_6.x86_64", product: { name: "ksh-0:20120801-140.el7_6.x86_64", product_id: "ksh-0:20120801-140.el7_6.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_6?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-140.el7_6.x86_64", product: { name: "ksh-debuginfo-0:20120801-140.el7_6.x86_64", product_id: "ksh-debuginfo-0:20120801-140.el7_6.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_6?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_6.ppc64", product: { name: "ksh-0:20120801-140.el7_6.ppc64", product_id: "ksh-0:20120801-140.el7_6.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_6?arch=ppc64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64", product: { name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64", product_id: "ksh-debuginfo-0:20120801-140.el7_6.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_6?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", }, product_reference: "ksh-0:20120801-140.el7_6.ppc64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", }, product_reference: "ksh-0:20120801-140.el7_6.ppc64le", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", }, product_reference: "ksh-0:20120801-140.el7_6.s390x", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.src as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.src", }, product_reference: "ksh-0:20120801-140.el7_6.src", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", }, product_reference: "ksh-0:20120801-140.el7_6.x86_64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.ppc64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.s390x", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)", product_id: "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.x86_64", relates_to_product_reference: "7ComputeNode-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", }, product_reference: "ksh-0:20120801-140.el7_6.ppc64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", }, product_reference: "ksh-0:20120801-140.el7_6.ppc64le", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", }, product_reference: "ksh-0:20120801-140.el7_6.s390x", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.src", }, product_reference: "ksh-0:20120801-140.el7_6.src", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", }, product_reference: "ksh-0:20120801-140.el7_6.x86_64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.ppc64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.s390x", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.x86_64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64", }, product_reference: "ksh-0:20120801-140.el7_6.ppc64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64le", }, product_reference: "ksh-0:20120801-140.el7_6.ppc64le", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.s390x", }, product_reference: "ksh-0:20120801-140.el7_6.s390x", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.src", }, product_reference: "ksh-0:20120801-140.el7_6.src", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.x86_64", }, product_reference: "ksh-0:20120801-140.el7_6.x86_64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.ppc64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.ppc64le", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.s390x", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_6.x86_64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.src", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.src", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64le", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.s390x", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.src", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.x86_64", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-06T17:33:52+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.src", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.src", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64le", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.s390x", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.src", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.x86_64", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:1333", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.src", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.src", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64le", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.s390x", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.src", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.x86_64", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.src", "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.s390x", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.src", "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64le", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.s390x", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.src", "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.x86_64", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x", "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
rhsa-2020_5352
Vulnerability from csaf_redhat
Published
2020-12-07 11:06
Modified
2024-11-22 14:26
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:5352", url: "https://access.redhat.com/errata/RHSA-2020:5352", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5352.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:26:15+00:00", generator: { date: "2024-11-22T14:26:15+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:5352", initial_release_date: "2020-12-07T11:06:38+00:00", revision_history: [ { date: "2020-12-07T11:06:38+00:00", number: "1", summary: "Initial version", }, { date: "2020-12-07T11:06:38+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:26:15+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Server AUS (v. 7.2)", product: { name: "Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.2::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-26.el7_2.x86_64", product: { name: "ksh-0:20120801-26.el7_2.x86_64", product_id: "ksh-0:20120801-26.el7_2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-26.el7_2?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-26.el7_2.x86_64", product: { name: "ksh-debuginfo-0:20120801-26.el7_2.x86_64", product_id: "ksh-debuginfo-0:20120801-26.el7_2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-26.el7_2?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-26.el7_2.src", product: { name: "ksh-0:20120801-26.el7_2.src", product_id: "ksh-0:20120801-26.el7_2.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-26.el7_2?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-26.el7_2.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.src", }, product_reference: "ksh-0:20120801-26.el7_2.src", relates_to_product_reference: "7Server-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-26.el7_2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.x86_64", }, product_reference: "ksh-0:20120801-26.el7_2.x86_64", relates_to_product_reference: "7Server-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-26.el7_2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS:ksh-debuginfo-0:20120801-26.el7_2.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-26.el7_2.x86_64", relates_to_product_reference: "7Server-7.2.AUS", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.src", "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.x86_64", "7Server-7.2.AUS:ksh-debuginfo-0:20120801-26.el7_2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-12-07T11:06:38+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.src", "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.x86_64", "7Server-7.2.AUS:ksh-debuginfo-0:20120801-26.el7_2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:5352", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.src", "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.x86_64", "7Server-7.2.AUS:ksh-debuginfo-0:20120801-26.el7_2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.src", "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.x86_64", "7Server-7.2.AUS:ksh-debuginfo-0:20120801-26.el7_2.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
rhsa-2020:0559
Vulnerability from csaf_redhat
Published
2020-02-20 10:19
Modified
2024-11-22 14:25
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:0559", url: "https://access.redhat.com/errata/RHSA-2020:0559", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0559.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:25:32+00:00", generator: { date: "2024-11-22T14:25:32+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:0559", initial_release_date: "2020-02-20T10:19:48+00:00", revision_history: [ { date: "2020-02-20T10:19:48+00:00", number: "1", summary: "Initial version", }, { date: "2020-02-20T10:19:48+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:25:32+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 8)", product: { name: "Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:8::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-253.el8_1.ppc64le", product: { name: "ksh-0:20120801-253.el8_1.ppc64le", product_id: "ksh-0:20120801-253.el8_1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-253.el8_1?arch=ppc64le", }, }, }, { category: "product_version", name: "ksh-debugsource-0:20120801-253.el8_1.ppc64le", product: { name: "ksh-debugsource-0:20120801-253.el8_1.ppc64le", product_id: "ksh-debugsource-0:20120801-253.el8_1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_1?arch=ppc64le", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-253.el8_1.ppc64le", product: { name: "ksh-debuginfo-0:20120801-253.el8_1.ppc64le", product_id: "ksh-debuginfo-0:20120801-253.el8_1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_1?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-253.el8_1.s390x", product: { name: "ksh-0:20120801-253.el8_1.s390x", product_id: "ksh-0:20120801-253.el8_1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-253.el8_1?arch=s390x", }, }, }, { category: "product_version", name: "ksh-debugsource-0:20120801-253.el8_1.s390x", product: { name: "ksh-debugsource-0:20120801-253.el8_1.s390x", product_id: "ksh-debugsource-0:20120801-253.el8_1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_1?arch=s390x", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-253.el8_1.s390x", product: { name: "ksh-debuginfo-0:20120801-253.el8_1.s390x", product_id: "ksh-debuginfo-0:20120801-253.el8_1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_1?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-253.el8_1.x86_64", product: { name: "ksh-0:20120801-253.el8_1.x86_64", product_id: "ksh-0:20120801-253.el8_1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-253.el8_1?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debugsource-0:20120801-253.el8_1.x86_64", product: { name: "ksh-debugsource-0:20120801-253.el8_1.x86_64", product_id: "ksh-debugsource-0:20120801-253.el8_1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_1?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-253.el8_1.x86_64", product: { name: "ksh-debuginfo-0:20120801-253.el8_1.x86_64", product_id: "ksh-debuginfo-0:20120801-253.el8_1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_1?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-253.el8_1.aarch64", product: { name: "ksh-0:20120801-253.el8_1.aarch64", product_id: "ksh-0:20120801-253.el8_1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-253.el8_1?arch=aarch64", }, }, }, { category: "product_version", name: "ksh-debugsource-0:20120801-253.el8_1.aarch64", product: { name: "ksh-debugsource-0:20120801-253.el8_1.aarch64", product_id: "ksh-debugsource-0:20120801-253.el8_1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_1?arch=aarch64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-253.el8_1.aarch64", product: { name: "ksh-debuginfo-0:20120801-253.el8_1.aarch64", product_id: "ksh-debuginfo-0:20120801-253.el8_1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_1?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-253.el8_1.src", product: { name: "ksh-0:20120801-253.el8_1.src", product_id: "ksh-0:20120801-253.el8_1.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-253.el8_1?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-253.el8_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.aarch64", }, product_reference: "ksh-0:20120801-253.el8_1.aarch64", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-253.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.ppc64le", }, product_reference: "ksh-0:20120801-253.el8_1.ppc64le", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-253.el8_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.s390x", }, product_reference: "ksh-0:20120801-253.el8_1.s390x", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-253.el8_1.src as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.src", }, product_reference: "ksh-0:20120801-253.el8_1.src", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-253.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.x86_64", }, product_reference: "ksh-0:20120801-253.el8_1.x86_64", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-253.el8_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.aarch64", }, product_reference: "ksh-debuginfo-0:20120801-253.el8_1.aarch64", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-253.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-253.el8_1.ppc64le", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-253.el8_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.s390x", }, product_reference: "ksh-debuginfo-0:20120801-253.el8_1.s390x", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-253.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-253.el8_1.x86_64", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debugsource-0:20120801-253.el8_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.aarch64", }, product_reference: "ksh-debugsource-0:20120801-253.el8_1.aarch64", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debugsource-0:20120801-253.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.ppc64le", }, product_reference: "ksh-debugsource-0:20120801-253.el8_1.ppc64le", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debugsource-0:20120801-253.el8_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.s390x", }, product_reference: "ksh-debugsource-0:20120801-253.el8_1.s390x", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debugsource-0:20120801-253.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.x86_64", }, product_reference: "ksh-debugsource-0:20120801-253.el8_1.x86_64", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.src", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.x86_64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.x86_64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-02-20T10:19:48+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.src", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.x86_64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.x86_64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0559", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.src", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.x86_64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.x86_64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.src", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.x86_64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.x86_64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
rhsa-2020:2210
Vulnerability from csaf_redhat
Published
2020-05-19 22:43
Modified
2024-11-22 14:26
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:2210", url: "https://access.redhat.com/errata/RHSA-2020:2210", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2210.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:26:01+00:00", generator: { date: "2024-11-22T14:26:01+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:2210", initial_release_date: "2020-05-19T22:43:17+00:00", revision_history: [ { date: "2020-05-19T22:43:17+00:00", number: "1", summary: "Initial version", }, { date: "2020-05-19T22:43:17+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:26:01+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Server AUS (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server E4S (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_e4s:7.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server TUS (v. 7.4)", product: { name: "Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_tus:7.4::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-36.el7_4.x86_64", product: { name: "ksh-0:20120801-36.el7_4.x86_64", product_id: "ksh-0:20120801-36.el7_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-36.el7_4?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-36.el7_4.x86_64", product: { name: "ksh-debuginfo-0:20120801-36.el7_4.x86_64", product_id: "ksh-debuginfo-0:20120801-36.el7_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-36.el7_4?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-36.el7_4.src", product: { name: "ksh-0:20120801-36.el7_4.src", product_id: "ksh-0:20120801-36.el7_4.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-36.el7_4?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-36.el7_4.ppc64le", product: { name: "ksh-0:20120801-36.el7_4.ppc64le", product_id: "ksh-0:20120801-36.el7_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-36.el7_4?arch=ppc64le", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-36.el7_4.ppc64le", product: { name: "ksh-debuginfo-0:20120801-36.el7_4.ppc64le", product_id: "ksh-debuginfo-0:20120801-36.el7_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-36.el7_4?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-36.el7_4.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.src", }, product_reference: "ksh-0:20120801-36.el7_4.src", relates_to_product_reference: "7Server-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.x86_64", }, product_reference: "ksh-0:20120801-36.el7_4.x86_64", relates_to_product_reference: "7Server-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)", product_id: "7Server-7.4.AUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-36.el7_4.x86_64", relates_to_product_reference: "7Server-7.4.AUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-36.el7_4.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.ppc64le", }, product_reference: "ksh-0:20120801-36.el7_4.ppc64le", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-36.el7_4.src as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.src", }, product_reference: "ksh-0:20120801-36.el7_4.src", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.x86_64", }, product_reference: "ksh-0:20120801-36.el7_4.x86_64", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-36.el7_4.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-36.el7_4.ppc64le", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)", product_id: "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-36.el7_4.x86_64", relates_to_product_reference: "7Server-7.4.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-36.el7_4.src as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.src", }, product_reference: "ksh-0:20120801-36.el7_4.src", relates_to_product_reference: "7Server-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.x86_64", }, product_reference: "ksh-0:20120801-36.el7_4.x86_64", relates_to_product_reference: "7Server-7.4.TUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)", product_id: "7Server-7.4.TUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-36.el7_4.x86_64", relates_to_product_reference: "7Server-7.4.TUS", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.src", "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.AUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.ppc64le", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.src", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.ppc64le", "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.x86_64", "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.src", "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.TUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-05-19T22:43:17+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.src", "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.AUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.ppc64le", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.src", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.ppc64le", "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.x86_64", "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.src", "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.TUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:2210", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.src", "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.AUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.ppc64le", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.src", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.ppc64le", "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.x86_64", "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.src", "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.TUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.src", "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.AUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.ppc64le", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.src", "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.ppc64le", "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.x86_64", "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.src", "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.x86_64", "7Server-7.4.TUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
rhsa-2020_0431
Vulnerability from csaf_redhat
Published
2020-02-05 12:15
Modified
2024-11-22 14:25
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:0431", url: "https://access.redhat.com/errata/RHSA-2020:0431", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0431.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:25:17+00:00", generator: { date: "2024-11-22T14:25:17+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:0431", initial_release_date: "2020-02-05T12:15:54+00:00", revision_history: [ { date: "2020-02-05T12:15:54+00:00", number: "1", summary: "Initial version", }, { date: "2020-02-05T12:15:54+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:25:17+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product: { name: "Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product_id: "AppStream-8.0.0.Z.E4S", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_e4s:8.0::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-253.el8_0.ppc64le", product: { name: "ksh-0:20120801-253.el8_0.ppc64le", product_id: "ksh-0:20120801-253.el8_0.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-253.el8_0?arch=ppc64le", }, }, }, { category: "product_version", name: "ksh-debugsource-0:20120801-253.el8_0.ppc64le", product: { name: "ksh-debugsource-0:20120801-253.el8_0.ppc64le", product_id: "ksh-debugsource-0:20120801-253.el8_0.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_0?arch=ppc64le", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-253.el8_0.ppc64le", product: { name: "ksh-debuginfo-0:20120801-253.el8_0.ppc64le", product_id: "ksh-debuginfo-0:20120801-253.el8_0.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_0?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-253.el8_0.x86_64", product: { name: "ksh-0:20120801-253.el8_0.x86_64", product_id: "ksh-0:20120801-253.el8_0.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-253.el8_0?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debugsource-0:20120801-253.el8_0.x86_64", product: { name: "ksh-debugsource-0:20120801-253.el8_0.x86_64", product_id: "ksh-debugsource-0:20120801-253.el8_0.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_0?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-253.el8_0.x86_64", product: { name: "ksh-debuginfo-0:20120801-253.el8_0.x86_64", product_id: "ksh-debuginfo-0:20120801-253.el8_0.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_0?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-253.el8_0.src", product: { name: "ksh-0:20120801-253.el8_0.src", product_id: "ksh-0:20120801-253.el8_0.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-253.el8_0?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-253.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product_id: "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.ppc64le", }, product_reference: "ksh-0:20120801-253.el8_0.ppc64le", relates_to_product_reference: "AppStream-8.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-253.el8_0.src as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product_id: "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.src", }, product_reference: "ksh-0:20120801-253.el8_0.src", relates_to_product_reference: "AppStream-8.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-253.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product_id: "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.x86_64", }, product_reference: "ksh-0:20120801-253.el8_0.x86_64", relates_to_product_reference: "AppStream-8.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-253.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product_id: "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-253.el8_0.ppc64le", relates_to_product_reference: "AppStream-8.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-253.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product_id: "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-253.el8_0.x86_64", relates_to_product_reference: "AppStream-8.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-debugsource-0:20120801-253.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product_id: "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.ppc64le", }, product_reference: "ksh-debugsource-0:20120801-253.el8_0.ppc64le", relates_to_product_reference: "AppStream-8.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-debugsource-0:20120801-253.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product_id: "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.x86_64", }, product_reference: "ksh-debugsource-0:20120801-253.el8_0.x86_64", relates_to_product_reference: "AppStream-8.0.0.Z.E4S", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.src", "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.x86_64", "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.x86_64", "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-02-05T12:15:54+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.src", "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.x86_64", "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.x86_64", "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0431", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.src", "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.x86_64", "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.x86_64", "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.src", "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.x86_64", "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.x86_64", "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
RHSA-2020:0515
Vulnerability from csaf_redhat
Published
2020-02-17 09:03
Modified
2024-11-22 14:25
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:0515", url: "https://access.redhat.com/errata/RHSA-2020:0515", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0515.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:25:24+00:00", generator: { date: "2024-11-22T14:25:24+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:0515", initial_release_date: "2020-02-17T09:03:47+00:00", revision_history: [ { date: "2020-02-17T09:03:47+00:00", number: "1", summary: "Initial version", }, { date: "2020-02-17T09:03:47+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:25:24+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Desktop (v. 6)", product: { name: "Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux HPC Node (v. 6)", product: { name: "Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 6)", product: { name: "Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 6)", product: { name: "Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::workstation", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-38.el6_10.i686", product: { name: "ksh-0:20120801-38.el6_10.i686", product_id: "ksh-0:20120801-38.el6_10.i686", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-38.el6_10?arch=i686", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-38.el6_10.i686", product: { name: "ksh-debuginfo-0:20120801-38.el6_10.i686", product_id: "ksh-debuginfo-0:20120801-38.el6_10.i686", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-38.el6_10?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-38.el6_10.x86_64", product: { name: "ksh-0:20120801-38.el6_10.x86_64", product_id: "ksh-0:20120801-38.el6_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-38.el6_10?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-38.el6_10.x86_64", product: { name: "ksh-debuginfo-0:20120801-38.el6_10.x86_64", product_id: "ksh-debuginfo-0:20120801-38.el6_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-38.el6_10?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-38.el6_10.src", product: { name: "ksh-0:20120801-38.el6_10.src", product_id: "ksh-0:20120801-38.el6_10.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-38.el6_10?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-38.el6_10.s390x", product: { name: "ksh-0:20120801-38.el6_10.s390x", product_id: "ksh-0:20120801-38.el6_10.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-38.el6_10?arch=s390x", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-38.el6_10.s390x", product: { name: "ksh-debuginfo-0:20120801-38.el6_10.s390x", product_id: "ksh-debuginfo-0:20120801-38.el6_10.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-38.el6_10?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-38.el6_10.ppc64", product: { name: "ksh-0:20120801-38.el6_10.ppc64", product_id: "ksh-0:20120801-38.el6_10.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-38.el6_10?arch=ppc64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-38.el6_10.ppc64", product: { name: "ksh-debuginfo-0:20120801-38.el6_10.ppc64", product_id: "ksh-debuginfo-0:20120801-38.el6_10.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-38.el6_10?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-0:20120801-38.el6_10.i686", }, product_reference: "ksh-0:20120801-38.el6_10.i686", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-0:20120801-38.el6_10.ppc64", }, product_reference: "ksh-0:20120801-38.el6_10.ppc64", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-0:20120801-38.el6_10.s390x", }, product_reference: "ksh-0:20120801-38.el6_10.s390x", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.src as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-0:20120801-38.el6_10.src", }, product_reference: "ksh-0:20120801-38.el6_10.src", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-0:20120801-38.el6_10.x86_64", }, product_reference: "ksh-0:20120801-38.el6_10.x86_64", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.i686", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.ppc64", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.s390x", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.x86_64", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.i686", }, product_reference: "ksh-0:20120801-38.el6_10.i686", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.ppc64", }, product_reference: "ksh-0:20120801-38.el6_10.ppc64", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.s390x", }, product_reference: "ksh-0:20120801-38.el6_10.s390x", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.src", }, product_reference: "ksh-0:20120801-38.el6_10.src", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.x86_64", }, product_reference: "ksh-0:20120801-38.el6_10.x86_64", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.i686", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.ppc64", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.s390x", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.x86_64", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-0:20120801-38.el6_10.i686", }, product_reference: "ksh-0:20120801-38.el6_10.i686", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-0:20120801-38.el6_10.ppc64", }, product_reference: "ksh-0:20120801-38.el6_10.ppc64", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-0:20120801-38.el6_10.s390x", }, product_reference: "ksh-0:20120801-38.el6_10.s390x", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.src as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-0:20120801-38.el6_10.src", }, product_reference: "ksh-0:20120801-38.el6_10.src", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-0:20120801-38.el6_10.x86_64", }, product_reference: "ksh-0:20120801-38.el6_10.x86_64", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.i686", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.ppc64", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.s390x", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.x86_64", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.i686", }, product_reference: "ksh-0:20120801-38.el6_10.i686", relates_to_product_reference: "6Workstation-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.ppc64", }, product_reference: "ksh-0:20120801-38.el6_10.ppc64", relates_to_product_reference: "6Workstation-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.s390x", }, product_reference: "ksh-0:20120801-38.el6_10.s390x", relates_to_product_reference: "6Workstation-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.src as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.src", }, product_reference: "ksh-0:20120801-38.el6_10.src", relates_to_product_reference: "6Workstation-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.x86_64", }, product_reference: "ksh-0:20120801-38.el6_10.x86_64", relates_to_product_reference: "6Workstation-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.i686", relates_to_product_reference: "6Workstation-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.ppc64", relates_to_product_reference: "6Workstation-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.s390x", relates_to_product_reference: "6Workstation-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.x86_64", relates_to_product_reference: "6Workstation-6.10.z", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Client-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Client-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Client-6.10.z:ksh-0:20120801-38.el6_10.src", "6Client-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.i686", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.src", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6Server-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Server-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Server-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Server-6.10.z:ksh-0:20120801-38.el6_10.src", "6Server-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.src", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-02-17T09:03:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Client-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Client-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Client-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Client-6.10.z:ksh-0:20120801-38.el6_10.src", "6Client-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.i686", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.src", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6Server-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Server-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Server-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Server-6.10.z:ksh-0:20120801-38.el6_10.src", "6Server-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.src", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0515", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "6Client-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Client-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Client-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Client-6.10.z:ksh-0:20120801-38.el6_10.src", "6Client-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.i686", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.src", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6Server-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Server-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Server-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Server-6.10.z:ksh-0:20120801-38.el6_10.src", "6Server-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.src", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "6Client-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Client-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Client-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Client-6.10.z:ksh-0:20120801-38.el6_10.src", "6Client-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.i686", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.src", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6Server-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Server-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Server-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Server-6.10.z:ksh-0:20120801-38.el6_10.src", "6Server-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.src", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
RHSA-2020:0431
Vulnerability from csaf_redhat
Published
2020-02-05 12:15
Modified
2024-11-22 14:25
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:0431", url: "https://access.redhat.com/errata/RHSA-2020:0431", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0431.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:25:17+00:00", generator: { date: "2024-11-22T14:25:17+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:0431", initial_release_date: "2020-02-05T12:15:54+00:00", revision_history: [ { date: "2020-02-05T12:15:54+00:00", number: "1", summary: "Initial version", }, { date: "2020-02-05T12:15:54+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:25:17+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product: { name: "Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product_id: "AppStream-8.0.0.Z.E4S", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_e4s:8.0::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-253.el8_0.ppc64le", product: { name: "ksh-0:20120801-253.el8_0.ppc64le", product_id: "ksh-0:20120801-253.el8_0.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-253.el8_0?arch=ppc64le", }, }, }, { category: "product_version", name: "ksh-debugsource-0:20120801-253.el8_0.ppc64le", product: { name: "ksh-debugsource-0:20120801-253.el8_0.ppc64le", product_id: "ksh-debugsource-0:20120801-253.el8_0.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_0?arch=ppc64le", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-253.el8_0.ppc64le", product: { name: "ksh-debuginfo-0:20120801-253.el8_0.ppc64le", product_id: "ksh-debuginfo-0:20120801-253.el8_0.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_0?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-253.el8_0.x86_64", product: { name: "ksh-0:20120801-253.el8_0.x86_64", product_id: "ksh-0:20120801-253.el8_0.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-253.el8_0?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debugsource-0:20120801-253.el8_0.x86_64", product: { name: "ksh-debugsource-0:20120801-253.el8_0.x86_64", product_id: "ksh-debugsource-0:20120801-253.el8_0.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_0?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-253.el8_0.x86_64", product: { name: "ksh-debuginfo-0:20120801-253.el8_0.x86_64", product_id: "ksh-debuginfo-0:20120801-253.el8_0.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_0?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-253.el8_0.src", product: { name: "ksh-0:20120801-253.el8_0.src", product_id: "ksh-0:20120801-253.el8_0.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-253.el8_0?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-253.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product_id: "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.ppc64le", }, product_reference: "ksh-0:20120801-253.el8_0.ppc64le", relates_to_product_reference: "AppStream-8.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-253.el8_0.src as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product_id: "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.src", }, product_reference: "ksh-0:20120801-253.el8_0.src", relates_to_product_reference: "AppStream-8.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-253.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product_id: "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.x86_64", }, product_reference: "ksh-0:20120801-253.el8_0.x86_64", relates_to_product_reference: "AppStream-8.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-253.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product_id: "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-253.el8_0.ppc64le", relates_to_product_reference: "AppStream-8.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-253.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product_id: "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-253.el8_0.x86_64", relates_to_product_reference: "AppStream-8.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-debugsource-0:20120801-253.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product_id: "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.ppc64le", }, product_reference: "ksh-debugsource-0:20120801-253.el8_0.ppc64le", relates_to_product_reference: "AppStream-8.0.0.Z.E4S", }, { category: "default_component_of", full_product_name: { name: "ksh-debugsource-0:20120801-253.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)", product_id: "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.x86_64", }, product_reference: "ksh-debugsource-0:20120801-253.el8_0.x86_64", relates_to_product_reference: "AppStream-8.0.0.Z.E4S", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.src", "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.x86_64", "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.x86_64", "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-02-05T12:15:54+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.src", "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.x86_64", "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.x86_64", "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0431", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.src", "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.x86_64", "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.x86_64", "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.src", "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.x86_64", "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.x86_64", "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.ppc64le", "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
rhsa-2020:5352
Vulnerability from csaf_redhat
Published
2020-12-07 11:06
Modified
2024-11-22 14:26
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:5352", url: "https://access.redhat.com/errata/RHSA-2020:5352", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5352.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:26:15+00:00", generator: { date: "2024-11-22T14:26:15+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:5352", initial_release_date: "2020-12-07T11:06:38+00:00", revision_history: [ { date: "2020-12-07T11:06:38+00:00", number: "1", summary: "Initial version", }, { date: "2020-12-07T11:06:38+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:26:15+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Server AUS (v. 7.2)", product: { name: "Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.2::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-26.el7_2.x86_64", product: { name: "ksh-0:20120801-26.el7_2.x86_64", product_id: "ksh-0:20120801-26.el7_2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-26.el7_2?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-26.el7_2.x86_64", product: { name: "ksh-debuginfo-0:20120801-26.el7_2.x86_64", product_id: "ksh-debuginfo-0:20120801-26.el7_2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-26.el7_2?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-26.el7_2.src", product: { name: "ksh-0:20120801-26.el7_2.src", product_id: "ksh-0:20120801-26.el7_2.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-26.el7_2?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-26.el7_2.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.src", }, product_reference: "ksh-0:20120801-26.el7_2.src", relates_to_product_reference: "7Server-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-26.el7_2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.x86_64", }, product_reference: "ksh-0:20120801-26.el7_2.x86_64", relates_to_product_reference: "7Server-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-26.el7_2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS:ksh-debuginfo-0:20120801-26.el7_2.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-26.el7_2.x86_64", relates_to_product_reference: "7Server-7.2.AUS", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.src", "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.x86_64", "7Server-7.2.AUS:ksh-debuginfo-0:20120801-26.el7_2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-12-07T11:06:38+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.src", "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.x86_64", "7Server-7.2.AUS:ksh-debuginfo-0:20120801-26.el7_2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:5352", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.src", "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.x86_64", "7Server-7.2.AUS:ksh-debuginfo-0:20120801-26.el7_2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.src", "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.x86_64", "7Server-7.2.AUS:ksh-debuginfo-0:20120801-26.el7_2.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
rhsa-2020:5351
Vulnerability from csaf_redhat
Published
2020-12-07 11:12
Modified
2024-11-22 14:26
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:5351", url: "https://access.redhat.com/errata/RHSA-2020:5351", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5351.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:26:08+00:00", generator: { date: "2024-11-22T14:26:08+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:5351", initial_release_date: "2020-12-07T11:12:37+00:00", revision_history: [ { date: "2020-12-07T11:12:37+00:00", number: "1", summary: "Initial version", }, { date: "2020-12-07T11:12:37+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:26:08+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Server AUS (v. 7.3)", product: { name: "Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.3::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-27.el7_3.x86_64", product: { name: "ksh-0:20120801-27.el7_3.x86_64", product_id: "ksh-0:20120801-27.el7_3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-27.el7_3?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-27.el7_3.x86_64", product: { name: "ksh-debuginfo-0:20120801-27.el7_3.x86_64", product_id: "ksh-debuginfo-0:20120801-27.el7_3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-27.el7_3?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-27.el7_3.src", product: { name: "ksh-0:20120801-27.el7_3.src", product_id: "ksh-0:20120801-27.el7_3.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-27.el7_3?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-27.el7_3.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.src", }, product_reference: "ksh-0:20120801-27.el7_3.src", relates_to_product_reference: "7Server-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-27.el7_3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.x86_64", }, product_reference: "ksh-0:20120801-27.el7_3.x86_64", relates_to_product_reference: "7Server-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-27.el7_3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS:ksh-debuginfo-0:20120801-27.el7_3.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-27.el7_3.x86_64", relates_to_product_reference: "7Server-7.3.AUS", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.src", "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.x86_64", "7Server-7.3.AUS:ksh-debuginfo-0:20120801-27.el7_3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-12-07T11:12:37+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.src", "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.x86_64", "7Server-7.3.AUS:ksh-debuginfo-0:20120801-27.el7_3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:5351", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.src", "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.x86_64", "7Server-7.3.AUS:ksh-debuginfo-0:20120801-27.el7_3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.src", "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.x86_64", "7Server-7.3.AUS:ksh-debuginfo-0:20120801-27.el7_3.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
RHSA-2020:5352
Vulnerability from csaf_redhat
Published
2020-12-07 11:06
Modified
2024-11-22 14:26
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:5352", url: "https://access.redhat.com/errata/RHSA-2020:5352", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5352.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:26:15+00:00", generator: { date: "2024-11-22T14:26:15+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:5352", initial_release_date: "2020-12-07T11:06:38+00:00", revision_history: [ { date: "2020-12-07T11:06:38+00:00", number: "1", summary: "Initial version", }, { date: "2020-12-07T11:06:38+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:26:15+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Server AUS (v. 7.2)", product: { name: "Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.2::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-26.el7_2.x86_64", product: { name: "ksh-0:20120801-26.el7_2.x86_64", product_id: "ksh-0:20120801-26.el7_2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-26.el7_2?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-26.el7_2.x86_64", product: { name: "ksh-debuginfo-0:20120801-26.el7_2.x86_64", product_id: "ksh-debuginfo-0:20120801-26.el7_2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-26.el7_2?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-26.el7_2.src", product: { name: "ksh-0:20120801-26.el7_2.src", product_id: "ksh-0:20120801-26.el7_2.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-26.el7_2?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-26.el7_2.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.src", }, product_reference: "ksh-0:20120801-26.el7_2.src", relates_to_product_reference: "7Server-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-26.el7_2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.x86_64", }, product_reference: "ksh-0:20120801-26.el7_2.x86_64", relates_to_product_reference: "7Server-7.2.AUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-26.el7_2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)", product_id: "7Server-7.2.AUS:ksh-debuginfo-0:20120801-26.el7_2.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-26.el7_2.x86_64", relates_to_product_reference: "7Server-7.2.AUS", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.src", "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.x86_64", "7Server-7.2.AUS:ksh-debuginfo-0:20120801-26.el7_2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-12-07T11:06:38+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.src", "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.x86_64", "7Server-7.2.AUS:ksh-debuginfo-0:20120801-26.el7_2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:5352", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.src", "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.x86_64", "7Server-7.2.AUS:ksh-debuginfo-0:20120801-26.el7_2.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.src", "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.x86_64", "7Server-7.2.AUS:ksh-debuginfo-0:20120801-26.el7_2.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
rhsa-2020_0559
Vulnerability from csaf_redhat
Published
2020-02-20 10:19
Modified
2024-11-22 14:25
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:0559", url: "https://access.redhat.com/errata/RHSA-2020:0559", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0559.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:25:32+00:00", generator: { date: "2024-11-22T14:25:32+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:0559", initial_release_date: "2020-02-20T10:19:48+00:00", revision_history: [ { date: "2020-02-20T10:19:48+00:00", number: "1", summary: "Initial version", }, { date: "2020-02-20T10:19:48+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:25:32+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 8)", product: { name: "Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:8::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-253.el8_1.ppc64le", product: { name: "ksh-0:20120801-253.el8_1.ppc64le", product_id: "ksh-0:20120801-253.el8_1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-253.el8_1?arch=ppc64le", }, }, }, { category: "product_version", name: "ksh-debugsource-0:20120801-253.el8_1.ppc64le", product: { name: "ksh-debugsource-0:20120801-253.el8_1.ppc64le", product_id: "ksh-debugsource-0:20120801-253.el8_1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_1?arch=ppc64le", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-253.el8_1.ppc64le", product: { name: "ksh-debuginfo-0:20120801-253.el8_1.ppc64le", product_id: "ksh-debuginfo-0:20120801-253.el8_1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_1?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-253.el8_1.s390x", product: { name: "ksh-0:20120801-253.el8_1.s390x", product_id: "ksh-0:20120801-253.el8_1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-253.el8_1?arch=s390x", }, }, }, { category: "product_version", name: "ksh-debugsource-0:20120801-253.el8_1.s390x", product: { name: "ksh-debugsource-0:20120801-253.el8_1.s390x", product_id: "ksh-debugsource-0:20120801-253.el8_1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_1?arch=s390x", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-253.el8_1.s390x", product: { name: "ksh-debuginfo-0:20120801-253.el8_1.s390x", product_id: "ksh-debuginfo-0:20120801-253.el8_1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_1?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-253.el8_1.x86_64", product: { name: "ksh-0:20120801-253.el8_1.x86_64", product_id: "ksh-0:20120801-253.el8_1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-253.el8_1?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debugsource-0:20120801-253.el8_1.x86_64", product: { name: "ksh-debugsource-0:20120801-253.el8_1.x86_64", product_id: "ksh-debugsource-0:20120801-253.el8_1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_1?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-253.el8_1.x86_64", product: { name: "ksh-debuginfo-0:20120801-253.el8_1.x86_64", product_id: "ksh-debuginfo-0:20120801-253.el8_1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_1?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-253.el8_1.aarch64", product: { name: "ksh-0:20120801-253.el8_1.aarch64", product_id: "ksh-0:20120801-253.el8_1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-253.el8_1?arch=aarch64", }, }, }, { category: "product_version", name: "ksh-debugsource-0:20120801-253.el8_1.aarch64", product: { name: "ksh-debugsource-0:20120801-253.el8_1.aarch64", product_id: "ksh-debugsource-0:20120801-253.el8_1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_1?arch=aarch64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-253.el8_1.aarch64", product: { name: "ksh-debuginfo-0:20120801-253.el8_1.aarch64", product_id: "ksh-debuginfo-0:20120801-253.el8_1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_1?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-253.el8_1.src", product: { name: "ksh-0:20120801-253.el8_1.src", product_id: "ksh-0:20120801-253.el8_1.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-253.el8_1?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-253.el8_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.aarch64", }, product_reference: "ksh-0:20120801-253.el8_1.aarch64", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-253.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.ppc64le", }, product_reference: "ksh-0:20120801-253.el8_1.ppc64le", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-253.el8_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.s390x", }, product_reference: "ksh-0:20120801-253.el8_1.s390x", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-253.el8_1.src as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.src", }, product_reference: "ksh-0:20120801-253.el8_1.src", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-253.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.x86_64", }, product_reference: "ksh-0:20120801-253.el8_1.x86_64", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-253.el8_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.aarch64", }, product_reference: "ksh-debuginfo-0:20120801-253.el8_1.aarch64", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-253.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-253.el8_1.ppc64le", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-253.el8_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.s390x", }, product_reference: "ksh-debuginfo-0:20120801-253.el8_1.s390x", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-253.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-253.el8_1.x86_64", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debugsource-0:20120801-253.el8_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.aarch64", }, product_reference: "ksh-debugsource-0:20120801-253.el8_1.aarch64", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debugsource-0:20120801-253.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.ppc64le", }, product_reference: "ksh-debugsource-0:20120801-253.el8_1.ppc64le", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debugsource-0:20120801-253.el8_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.s390x", }, product_reference: "ksh-debugsource-0:20120801-253.el8_1.s390x", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debugsource-0:20120801-253.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.x86_64", }, product_reference: "ksh-debugsource-0:20120801-253.el8_1.x86_64", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.src", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.x86_64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.x86_64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-02-20T10:19:48+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.src", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.x86_64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.x86_64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0559", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.src", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.x86_64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.x86_64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.src", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.x86_64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.x86_64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
RHSA-2020:0568
Vulnerability from csaf_redhat
Published
2020-02-24 09:05
Modified
2024-11-22 14:25
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:0568", url: "https://access.redhat.com/errata/RHSA-2020:0568", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0568.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:25:39+00:00", generator: { date: "2024-11-22T14:25:39+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:0568", initial_release_date: "2020-02-24T09:05:27+00:00", revision_history: [ { date: "2020-02-24T09:05:27+00:00", number: "1", summary: "Initial version", }, { date: "2020-02-24T09:05:27+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:25:39+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Client (v. 7)", product: { name: "Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 7)", product: { name: "Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_7.x86_64", product: { name: "ksh-0:20120801-140.el7_7.x86_64", product_id: "ksh-0:20120801-140.el7_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_7?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-140.el7_7.x86_64", product: { name: "ksh-debuginfo-0:20120801-140.el7_7.x86_64", product_id: "ksh-debuginfo-0:20120801-140.el7_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_7?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_7.src", product: { name: "ksh-0:20120801-140.el7_7.src", product_id: "ksh-0:20120801-140.el7_7.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_7?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_7.s390x", product: { name: "ksh-0:20120801-140.el7_7.s390x", product_id: "ksh-0:20120801-140.el7_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_7?arch=s390x", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-140.el7_7.s390x", product: { name: "ksh-debuginfo-0:20120801-140.el7_7.s390x", product_id: "ksh-debuginfo-0:20120801-140.el7_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_7?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_7.ppc64", product: { name: "ksh-0:20120801-140.el7_7.ppc64", product_id: "ksh-0:20120801-140.el7_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_7?arch=ppc64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64", product: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64", product_id: "ksh-debuginfo-0:20120801-140.el7_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_7?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-140.el7_7.ppc64le", product: { name: "ksh-0:20120801-140.el7_7.ppc64le", product_id: "ksh-0:20120801-140.el7_7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-140.el7_7?arch=ppc64le", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le", product: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le", product_id: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_7?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", }, product_reference: "ksh-0:20120801-140.el7_7.ppc64", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", }, product_reference: "ksh-0:20120801-140.el7_7.ppc64le", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-0:20120801-140.el7_7.s390x", }, product_reference: "ksh-0:20120801-140.el7_7.s390x", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.src as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-0:20120801-140.el7_7.src", }, product_reference: "ksh-0:20120801-140.el7_7.src", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", }, product_reference: "ksh-0:20120801-140.el7_7.x86_64", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.ppc64", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.s390x", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.x86_64", relates_to_product_reference: "7Client-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", }, product_reference: "ksh-0:20120801-140.el7_7.ppc64", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", }, product_reference: "ksh-0:20120801-140.el7_7.ppc64le", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.s390x", }, product_reference: "ksh-0:20120801-140.el7_7.s390x", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.src", }, product_reference: "ksh-0:20120801-140.el7_7.src", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", }, product_reference: "ksh-0:20120801-140.el7_7.x86_64", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.ppc64", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.s390x", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.x86_64", relates_to_product_reference: "7ComputeNode-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", }, product_reference: "ksh-0:20120801-140.el7_7.ppc64", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", }, product_reference: "ksh-0:20120801-140.el7_7.ppc64le", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-0:20120801-140.el7_7.s390x", }, product_reference: "ksh-0:20120801-140.el7_7.s390x", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.src as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-0:20120801-140.el7_7.src", }, product_reference: "ksh-0:20120801-140.el7_7.src", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", }, product_reference: "ksh-0:20120801-140.el7_7.x86_64", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.ppc64", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.s390x", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.x86_64", relates_to_product_reference: "7Server-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", }, product_reference: "ksh-0:20120801-140.el7_7.ppc64", relates_to_product_reference: "7Workstation-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", }, product_reference: "ksh-0:20120801-140.el7_7.ppc64le", relates_to_product_reference: "7Workstation-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.s390x", }, product_reference: "ksh-0:20120801-140.el7_7.s390x", relates_to_product_reference: "7Workstation-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.src", }, product_reference: "ksh-0:20120801-140.el7_7.src", relates_to_product_reference: "7Workstation-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", }, product_reference: "ksh-0:20120801-140.el7_7.x86_64", relates_to_product_reference: "7Workstation-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.ppc64", relates_to_product_reference: "7Workstation-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.ppc64le", relates_to_product_reference: "7Workstation-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.s390x", relates_to_product_reference: "7Workstation-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-140.el7_7.x86_64", relates_to_product_reference: "7Workstation-7.7.Z", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.src", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-02-24T09:05:27+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.src", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0568", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.src", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Client-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.src", "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Server-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.s390x", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.src", "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.x86_64", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x", "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
rhsa-2020_5351
Vulnerability from csaf_redhat
Published
2020-12-07 11:12
Modified
2024-11-22 14:26
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:5351", url: "https://access.redhat.com/errata/RHSA-2020:5351", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5351.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:26:08+00:00", generator: { date: "2024-11-22T14:26:08+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:5351", initial_release_date: "2020-12-07T11:12:37+00:00", revision_history: [ { date: "2020-12-07T11:12:37+00:00", number: "1", summary: "Initial version", }, { date: "2020-12-07T11:12:37+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:26:08+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Server AUS (v. 7.3)", product: { name: "Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.3::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-27.el7_3.x86_64", product: { name: "ksh-0:20120801-27.el7_3.x86_64", product_id: "ksh-0:20120801-27.el7_3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-27.el7_3?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-27.el7_3.x86_64", product: { name: "ksh-debuginfo-0:20120801-27.el7_3.x86_64", product_id: "ksh-debuginfo-0:20120801-27.el7_3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-27.el7_3?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-27.el7_3.src", product: { name: "ksh-0:20120801-27.el7_3.src", product_id: "ksh-0:20120801-27.el7_3.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-27.el7_3?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-27.el7_3.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.src", }, product_reference: "ksh-0:20120801-27.el7_3.src", relates_to_product_reference: "7Server-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-27.el7_3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.x86_64", }, product_reference: "ksh-0:20120801-27.el7_3.x86_64", relates_to_product_reference: "7Server-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-27.el7_3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS:ksh-debuginfo-0:20120801-27.el7_3.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-27.el7_3.x86_64", relates_to_product_reference: "7Server-7.3.AUS", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.src", "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.x86_64", "7Server-7.3.AUS:ksh-debuginfo-0:20120801-27.el7_3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-12-07T11:12:37+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.src", "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.x86_64", "7Server-7.3.AUS:ksh-debuginfo-0:20120801-27.el7_3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:5351", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.src", "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.x86_64", "7Server-7.3.AUS:ksh-debuginfo-0:20120801-27.el7_3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.src", "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.x86_64", "7Server-7.3.AUS:ksh-debuginfo-0:20120801-27.el7_3.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
RHSA-2020:1332
Vulnerability from csaf_redhat
Published
2020-04-06 16:56
Modified
2024-11-22 14:25
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.5 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 7.5 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:1332", url: "https://access.redhat.com/errata/RHSA-2020:1332", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_1332.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:25:53+00:00", generator: { date: "2024-11-22T14:25:53+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:1332", initial_release_date: "2020-04-06T16:56:28+00:00", revision_history: [ { date: "2020-04-06T16:56:28+00:00", number: "1", summary: "Initial version", }, { date: "2020-04-06T16:56:28+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:25:53+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product: { name: "Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.5::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server EUS (v. 7.5)", product: { name: "Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.5::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-138.el7_5.x86_64", product: { name: "ksh-0:20120801-138.el7_5.x86_64", product_id: "ksh-0:20120801-138.el7_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-138.el7_5?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-138.el7_5.x86_64", product: { name: "ksh-debuginfo-0:20120801-138.el7_5.x86_64", product_id: "ksh-debuginfo-0:20120801-138.el7_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-138.el7_5?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-138.el7_5.src", product: { name: "ksh-0:20120801-138.el7_5.src", product_id: "ksh-0:20120801-138.el7_5.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-138.el7_5?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-138.el7_5.s390x", product: { name: "ksh-0:20120801-138.el7_5.s390x", product_id: "ksh-0:20120801-138.el7_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-138.el7_5?arch=s390x", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-138.el7_5.s390x", product: { name: "ksh-debuginfo-0:20120801-138.el7_5.s390x", product_id: "ksh-debuginfo-0:20120801-138.el7_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-138.el7_5?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-138.el7_5.ppc64", product: { name: "ksh-0:20120801-138.el7_5.ppc64", product_id: "ksh-0:20120801-138.el7_5.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-138.el7_5?arch=ppc64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-138.el7_5.ppc64", product: { name: "ksh-debuginfo-0:20120801-138.el7_5.ppc64", product_id: "ksh-debuginfo-0:20120801-138.el7_5.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-138.el7_5?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-138.el7_5.ppc64le", product: { name: "ksh-0:20120801-138.el7_5.ppc64le", product_id: "ksh-0:20120801-138.el7_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-138.el7_5?arch=ppc64le", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-138.el7_5.ppc64le", product: { name: "ksh-debuginfo-0:20120801-138.el7_5.ppc64le", product_id: "ksh-debuginfo-0:20120801-138.el7_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-138.el7_5?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", }, product_reference: "ksh-0:20120801-138.el7_5.ppc64", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", }, product_reference: "ksh-0:20120801-138.el7_5.ppc64le", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", }, product_reference: "ksh-0:20120801-138.el7_5.s390x", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.src as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.src", }, product_reference: "ksh-0:20120801-138.el7_5.src", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", }, product_reference: "ksh-0:20120801-138.el7_5.x86_64", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-138.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-138.el7_5.ppc64", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-138.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-138.el7_5.ppc64le", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-138.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", }, product_reference: "ksh-debuginfo-0:20120801-138.el7_5.s390x", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-138.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)", product_id: "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-138.el7_5.x86_64", relates_to_product_reference: "7ComputeNode-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", }, product_reference: "ksh-0:20120801-138.el7_5.ppc64", relates_to_product_reference: "7Server-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", }, product_reference: "ksh-0:20120801-138.el7_5.ppc64le", relates_to_product_reference: "7Server-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", }, product_reference: "ksh-0:20120801-138.el7_5.s390x", relates_to_product_reference: "7Server-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.src", }, product_reference: "ksh-0:20120801-138.el7_5.src", relates_to_product_reference: "7Server-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-138.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", }, product_reference: "ksh-0:20120801-138.el7_5.x86_64", relates_to_product_reference: "7Server-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-138.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-138.el7_5.ppc64", relates_to_product_reference: "7Server-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-138.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-138.el7_5.ppc64le", relates_to_product_reference: "7Server-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-138.el7_5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", }, product_reference: "ksh-debuginfo-0:20120801-138.el7_5.s390x", relates_to_product_reference: "7Server-7.5.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-138.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-138.el7_5.x86_64", relates_to_product_reference: "7Server-7.5.EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.src", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.src", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-06T16:56:28+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.src", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.src", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:1332", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.src", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.src", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.src", "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.s390x", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.src", "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x", "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
RHSA-2020:0559
Vulnerability from csaf_redhat
Published
2020-02-20 10:19
Modified
2024-11-22 14:25
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:0559", url: "https://access.redhat.com/errata/RHSA-2020:0559", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0559.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:25:32+00:00", generator: { date: "2024-11-22T14:25:32+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:0559", initial_release_date: "2020-02-20T10:19:48+00:00", revision_history: [ { date: "2020-02-20T10:19:48+00:00", number: "1", summary: "Initial version", }, { date: "2020-02-20T10:19:48+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:25:32+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 8)", product: { name: "Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:8::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-253.el8_1.ppc64le", product: { name: "ksh-0:20120801-253.el8_1.ppc64le", product_id: "ksh-0:20120801-253.el8_1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-253.el8_1?arch=ppc64le", }, }, }, { category: "product_version", name: "ksh-debugsource-0:20120801-253.el8_1.ppc64le", product: { name: "ksh-debugsource-0:20120801-253.el8_1.ppc64le", product_id: "ksh-debugsource-0:20120801-253.el8_1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_1?arch=ppc64le", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-253.el8_1.ppc64le", product: { name: "ksh-debuginfo-0:20120801-253.el8_1.ppc64le", product_id: "ksh-debuginfo-0:20120801-253.el8_1.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_1?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-253.el8_1.s390x", product: { name: "ksh-0:20120801-253.el8_1.s390x", product_id: "ksh-0:20120801-253.el8_1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-253.el8_1?arch=s390x", }, }, }, { category: "product_version", name: "ksh-debugsource-0:20120801-253.el8_1.s390x", product: { name: "ksh-debugsource-0:20120801-253.el8_1.s390x", product_id: "ksh-debugsource-0:20120801-253.el8_1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_1?arch=s390x", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-253.el8_1.s390x", product: { name: "ksh-debuginfo-0:20120801-253.el8_1.s390x", product_id: "ksh-debuginfo-0:20120801-253.el8_1.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_1?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-253.el8_1.x86_64", product: { name: "ksh-0:20120801-253.el8_1.x86_64", product_id: "ksh-0:20120801-253.el8_1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-253.el8_1?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debugsource-0:20120801-253.el8_1.x86_64", product: { name: "ksh-debugsource-0:20120801-253.el8_1.x86_64", product_id: "ksh-debugsource-0:20120801-253.el8_1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_1?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-253.el8_1.x86_64", product: { name: "ksh-debuginfo-0:20120801-253.el8_1.x86_64", product_id: "ksh-debuginfo-0:20120801-253.el8_1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_1?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-253.el8_1.aarch64", product: { name: "ksh-0:20120801-253.el8_1.aarch64", product_id: "ksh-0:20120801-253.el8_1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-253.el8_1?arch=aarch64", }, }, }, { category: "product_version", name: "ksh-debugsource-0:20120801-253.el8_1.aarch64", product: { name: "ksh-debugsource-0:20120801-253.el8_1.aarch64", product_id: "ksh-debugsource-0:20120801-253.el8_1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_1?arch=aarch64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-253.el8_1.aarch64", product: { name: "ksh-debuginfo-0:20120801-253.el8_1.aarch64", product_id: "ksh-debuginfo-0:20120801-253.el8_1.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_1?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-253.el8_1.src", product: { name: "ksh-0:20120801-253.el8_1.src", product_id: "ksh-0:20120801-253.el8_1.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-253.el8_1?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-253.el8_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.aarch64", }, product_reference: "ksh-0:20120801-253.el8_1.aarch64", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-253.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.ppc64le", }, product_reference: "ksh-0:20120801-253.el8_1.ppc64le", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-253.el8_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.s390x", }, product_reference: "ksh-0:20120801-253.el8_1.s390x", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-253.el8_1.src as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.src", }, product_reference: "ksh-0:20120801-253.el8_1.src", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-253.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.x86_64", }, product_reference: "ksh-0:20120801-253.el8_1.x86_64", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-253.el8_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.aarch64", }, product_reference: "ksh-debuginfo-0:20120801-253.el8_1.aarch64", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-253.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.ppc64le", }, product_reference: "ksh-debuginfo-0:20120801-253.el8_1.ppc64le", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-253.el8_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.s390x", }, product_reference: "ksh-debuginfo-0:20120801-253.el8_1.s390x", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-253.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-253.el8_1.x86_64", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debugsource-0:20120801-253.el8_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.aarch64", }, product_reference: "ksh-debugsource-0:20120801-253.el8_1.aarch64", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debugsource-0:20120801-253.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.ppc64le", }, product_reference: "ksh-debugsource-0:20120801-253.el8_1.ppc64le", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debugsource-0:20120801-253.el8_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.s390x", }, product_reference: "ksh-debugsource-0:20120801-253.el8_1.s390x", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debugsource-0:20120801-253.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.x86_64", }, product_reference: "ksh-debugsource-0:20120801-253.el8_1.x86_64", relates_to_product_reference: "AppStream-8.1.0.Z.MAIN.EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.src", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.x86_64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.x86_64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-02-20T10:19:48+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.src", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.x86_64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.x86_64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0559", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.src", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.x86_64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.x86_64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.src", "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.x86_64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.x86_64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.aarch64", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.ppc64le", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.s390x", "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
rhsa-2020_0515
Vulnerability from csaf_redhat
Published
2020-02-17 09:03
Modified
2024-11-22 14:25
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:0515", url: "https://access.redhat.com/errata/RHSA-2020:0515", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0515.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:25:24+00:00", generator: { date: "2024-11-22T14:25:24+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:0515", initial_release_date: "2020-02-17T09:03:47+00:00", revision_history: [ { date: "2020-02-17T09:03:47+00:00", number: "1", summary: "Initial version", }, { date: "2020-02-17T09:03:47+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:25:24+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Desktop (v. 6)", product: { name: "Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux HPC Node (v. 6)", product: { name: "Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 6)", product: { name: "Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 6)", product: { name: "Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::workstation", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-38.el6_10.i686", product: { name: "ksh-0:20120801-38.el6_10.i686", product_id: "ksh-0:20120801-38.el6_10.i686", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-38.el6_10?arch=i686", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-38.el6_10.i686", product: { name: "ksh-debuginfo-0:20120801-38.el6_10.i686", product_id: "ksh-debuginfo-0:20120801-38.el6_10.i686", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-38.el6_10?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-38.el6_10.x86_64", product: { name: "ksh-0:20120801-38.el6_10.x86_64", product_id: "ksh-0:20120801-38.el6_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-38.el6_10?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-38.el6_10.x86_64", product: { name: "ksh-debuginfo-0:20120801-38.el6_10.x86_64", product_id: "ksh-debuginfo-0:20120801-38.el6_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-38.el6_10?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-38.el6_10.src", product: { name: "ksh-0:20120801-38.el6_10.src", product_id: "ksh-0:20120801-38.el6_10.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-38.el6_10?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-38.el6_10.s390x", product: { name: "ksh-0:20120801-38.el6_10.s390x", product_id: "ksh-0:20120801-38.el6_10.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-38.el6_10?arch=s390x", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-38.el6_10.s390x", product: { name: "ksh-debuginfo-0:20120801-38.el6_10.s390x", product_id: "ksh-debuginfo-0:20120801-38.el6_10.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-38.el6_10?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-38.el6_10.ppc64", product: { name: "ksh-0:20120801-38.el6_10.ppc64", product_id: "ksh-0:20120801-38.el6_10.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-38.el6_10?arch=ppc64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-38.el6_10.ppc64", product: { name: "ksh-debuginfo-0:20120801-38.el6_10.ppc64", product_id: "ksh-debuginfo-0:20120801-38.el6_10.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-38.el6_10?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-0:20120801-38.el6_10.i686", }, product_reference: "ksh-0:20120801-38.el6_10.i686", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-0:20120801-38.el6_10.ppc64", }, product_reference: "ksh-0:20120801-38.el6_10.ppc64", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-0:20120801-38.el6_10.s390x", }, product_reference: "ksh-0:20120801-38.el6_10.s390x", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.src as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-0:20120801-38.el6_10.src", }, product_reference: "ksh-0:20120801-38.el6_10.src", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-0:20120801-38.el6_10.x86_64", }, product_reference: "ksh-0:20120801-38.el6_10.x86_64", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.i686", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.ppc64", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.s390x", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.x86_64", relates_to_product_reference: "6Client-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.i686", }, product_reference: "ksh-0:20120801-38.el6_10.i686", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.ppc64", }, product_reference: "ksh-0:20120801-38.el6_10.ppc64", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.s390x", }, product_reference: "ksh-0:20120801-38.el6_10.s390x", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.src", }, product_reference: "ksh-0:20120801-38.el6_10.src", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.x86_64", }, product_reference: "ksh-0:20120801-38.el6_10.x86_64", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.i686", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.ppc64", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.s390x", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.x86_64", relates_to_product_reference: "6ComputeNode-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-0:20120801-38.el6_10.i686", }, product_reference: "ksh-0:20120801-38.el6_10.i686", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-0:20120801-38.el6_10.ppc64", }, product_reference: "ksh-0:20120801-38.el6_10.ppc64", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-0:20120801-38.el6_10.s390x", }, product_reference: "ksh-0:20120801-38.el6_10.s390x", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.src as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-0:20120801-38.el6_10.src", }, product_reference: "ksh-0:20120801-38.el6_10.src", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-0:20120801-38.el6_10.x86_64", }, product_reference: "ksh-0:20120801-38.el6_10.x86_64", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.i686", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.ppc64", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.s390x", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.x86_64", relates_to_product_reference: "6Server-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.i686", }, product_reference: "ksh-0:20120801-38.el6_10.i686", relates_to_product_reference: "6Workstation-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.ppc64", }, product_reference: "ksh-0:20120801-38.el6_10.ppc64", relates_to_product_reference: "6Workstation-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.s390x", }, product_reference: "ksh-0:20120801-38.el6_10.s390x", relates_to_product_reference: "6Workstation-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.src as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.src", }, product_reference: "ksh-0:20120801-38.el6_10.src", relates_to_product_reference: "6Workstation-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.x86_64", }, product_reference: "ksh-0:20120801-38.el6_10.x86_64", relates_to_product_reference: "6Workstation-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.i686", relates_to_product_reference: "6Workstation-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.ppc64", relates_to_product_reference: "6Workstation-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.s390x", relates_to_product_reference: "6Workstation-6.10.z", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-38.el6_10.x86_64", relates_to_product_reference: "6Workstation-6.10.z", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Client-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Client-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Client-6.10.z:ksh-0:20120801-38.el6_10.src", "6Client-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.i686", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.src", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6Server-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Server-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Server-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Server-6.10.z:ksh-0:20120801-38.el6_10.src", "6Server-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.src", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-02-17T09:03:47+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "6Client-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Client-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Client-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Client-6.10.z:ksh-0:20120801-38.el6_10.src", "6Client-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.i686", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.src", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6Server-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Server-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Server-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Server-6.10.z:ksh-0:20120801-38.el6_10.src", "6Server-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.src", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:0515", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "6Client-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Client-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Client-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Client-6.10.z:ksh-0:20120801-38.el6_10.src", "6Client-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.i686", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.src", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6Server-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Server-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Server-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Server-6.10.z:ksh-0:20120801-38.el6_10.src", "6Server-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.src", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "6Client-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Client-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Client-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Client-6.10.z:ksh-0:20120801-38.el6_10.src", "6Client-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.i686", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.src", "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6Server-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Server-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Server-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Server-6.10.z:ksh-0:20120801-38.el6_10.src", "6Server-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.i686", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.ppc64", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.s390x", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.src", "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.x86_64", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x", "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
RHSA-2020:5351
Vulnerability from csaf_redhat
Published
2020-12-07 11:12
Modified
2024-11-22 14:26
Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ksh is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:5351", url: "https://access.redhat.com/errata/RHSA-2020:5351", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5351.json", }, ], title: "Red Hat Security Advisory: ksh security update", tracking: { current_release_date: "2024-11-22T14:26:08+00:00", generator: { date: "2024-11-22T14:26:08+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:5351", initial_release_date: "2020-12-07T11:12:37+00:00", revision_history: [ { date: "2020-12-07T11:12:37+00:00", number: "1", summary: "Initial version", }, { date: "2020-12-07T11:12:37+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:26:08+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Server AUS (v. 7.3)", product: { name: "Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_aus:7.3::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-27.el7_3.x86_64", product: { name: "ksh-0:20120801-27.el7_3.x86_64", product_id: "ksh-0:20120801-27.el7_3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-27.el7_3?arch=x86_64", }, }, }, { category: "product_version", name: "ksh-debuginfo-0:20120801-27.el7_3.x86_64", product: { name: "ksh-debuginfo-0:20120801-27.el7_3.x86_64", product_id: "ksh-debuginfo-0:20120801-27.el7_3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ksh-debuginfo@20120801-27.el7_3?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "ksh-0:20120801-27.el7_3.src", product: { name: "ksh-0:20120801-27.el7_3.src", product_id: "ksh-0:20120801-27.el7_3.src", product_identification_helper: { purl: "pkg:rpm/redhat/ksh@20120801-27.el7_3?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-27.el7_3.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.src", }, product_reference: "ksh-0:20120801-27.el7_3.src", relates_to_product_reference: "7Server-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "ksh-0:20120801-27.el7_3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.x86_64", }, product_reference: "ksh-0:20120801-27.el7_3.x86_64", relates_to_product_reference: "7Server-7.3.AUS", }, { category: "default_component_of", full_product_name: { name: "ksh-debuginfo-0:20120801-27.el7_3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)", product_id: "7Server-7.3.AUS:ksh-debuginfo-0:20120801-27.el7_3.x86_64", }, product_reference: "ksh-debuginfo-0:20120801-27.el7_3.x86_64", relates_to_product_reference: "7Server-7.3.AUS", }, ], }, vulnerabilities: [ { cve: "CVE-2019-14868", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, discovery_date: "2019-10-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1757324", }, ], notes: [ { category: "description", text: "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", title: "Vulnerability description", }, { category: "summary", text: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.src", "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.x86_64", "7Server-7.3.AUS:ksh-debuginfo-0:20120801-27.el7_3.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { category: "external", summary: "RHBZ#1757324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-14868", url: "https://www.cve.org/CVERecord?id=CVE-2019-14868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, ], release_date: "2019-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-12-07T11:12:37+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.src", "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.x86_64", "7Server-7.3.AUS:ksh-debuginfo-0:20120801-27.el7_3.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:5351", }, { category: "workaround", details: "No known mitigation available.", product_ids: [ "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.src", "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.x86_64", "7Server-7.3.AUS:ksh-debuginfo-0:20120801-27.el7_3.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.src", "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.x86_64", "7Server-7.3.AUS:ksh-debuginfo-0:20120801-27.el7_3.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", }, ], }
ghsa-2x84-7422-962r
Vulnerability from github
Published
2022-05-24 17:13
Modified
2023-02-02 15:30
Severity ?
Details
In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.
{ affected: [], aliases: [ "CVE-2019-14868", ], database_specific: { cwe_ids: [ "CWE-77", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2020-04-02T17:15:00Z", severity: "HIGH", }, details: "In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", id: "GHSA-2x84-7422-962r", modified: "2023-02-02T15:30:28Z", published: "2022-05-24T17:13:14Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-14868", }, { type: "WEB", url: "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2020:0431", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2020:0515", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2020:0559", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2020:0568", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2020:1332", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2020:1333", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2020:2210", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2020:5351", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2020:5352", }, { type: "WEB", url: "https://access.redhat.com/security/cve/CVE-2019-14868", }, { type: "WEB", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { type: "WEB", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868", }, { type: "WEB", url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html", }, { type: "WEB", url: "https://support.apple.com/kb/HT211170", }, { type: "WEB", url: "http://seclists.org/fulldisclosure/2020/May/53", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", type: "CVSS_V3", }, ], }
fkie_cve-2019-14868
Vulnerability from fkie_nvd
Published
2020-04-02 17:15
Modified
2024-11-21 04:27
Severity ?
7.4 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ksh_project | ksh | 20120801 | |
| debian | debian_linux | 9.0 | |
| apple | mac_os_x | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ksh_project:ksh:20120801:*:*:*:*:*:*:*", matchCriteriaId: "C453FD9C-7375-4E2E-84AD-ABC3CC786153", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", matchCriteriaId: "99973242-A249-4C34-B042-5F833AE73708", versionEndExcluding: "10.15.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", }, { lang: "es", value: "En ksh versión 20120801, se detectó un fallo en la manera que evalúa determinadas variables de entorno. Un atacante podría usar este fallo para anular u omitir unas restricciones del entorno para ejecutar comandos de shell. Los servicios y las aplicaciones permiten a atacantes remotos no autenticados proporcionar una de esas variables de entorno que podrían permitirles explotar este problema remotamente.", }, ], id: "CVE-2019-14868", lastModified: "2024-11-21T04:27:32.553", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.4, impactScore: 5.9, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-02T17:15:13.990", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2020/May/53", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT211170", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2020/May/53", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT211170", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "secalert@redhat.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
gsd-2019-14868
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.
Aliases
Aliases
{ GSD: { alias: "CVE-2019-14868", description: "In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", id: "GSD-2019-14868", references: [ "https://www.suse.com/security/cve/CVE-2019-14868.html", "https://access.redhat.com/errata/RHSA-2020:5352", "https://access.redhat.com/errata/RHSA-2020:5351", "https://access.redhat.com/errata/RHSA-2020:2210", "https://access.redhat.com/errata/RHSA-2020:1333", "https://access.redhat.com/errata/RHSA-2020:1332", "https://access.redhat.com/errata/RHSA-2020:0568", "https://access.redhat.com/errata/RHSA-2020:0559", "https://access.redhat.com/errata/RHSA-2020:0515", "https://access.redhat.com/errata/RHSA-2020:0431", "https://advisories.mageia.org/CVE-2019-14868.html", "https://security.archlinux.org/CVE-2019-14868", "https://linux.oracle.com/cve/CVE-2019-14868.html", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2019-14868", ], details: "In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", id: "GSD-2019-14868", modified: "2023-12-13T01:23:53.224994Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2019-14868", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ksh", version: { version_data: [ { version_affected: "=", version_value: "20120801", }, ], }, }, ], }, vendor_name: "KornShell", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", }, ], }, impact: { cvss: [ { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, ], }, problemtype: { problemtype_data: [ { description: [ { cweId: "CWE-77", lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "https://support.apple.com/kb/HT211170", refsource: "MISC", url: "https://support.apple.com/kb/HT211170", }, { name: "http://seclists.org/fulldisclosure/2020/May/53", refsource: "MISC", url: "http://seclists.org/fulldisclosure/2020/May/53", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868", }, { name: "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2", refsource: "MISC", url: "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2", }, { name: "https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html", refsource: "MISC", url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:ksh_project:ksh:20120801:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "10.15.5", vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2019-14868", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868", refsource: "CONFIRM", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868", }, { name: "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2", refsource: "MISC", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2", }, { name: "https://support.apple.com/kb/HT211170", refsource: "CONFIRM", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT211170", }, { name: "20200529 APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra", refsource: "FULLDISC", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2020/May/53", }, { name: "[debian-lts-announce] 20200720 [SECURITY] [DLA 2284-1] ksh security update", refsource: "MLIST", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html", }, ], }, }, impact: { baseMetricV2: { acInsufInfo: false, cvssV2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", userInteractionRequired: false, }, baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, }, }, lastModifiedDate: "2023-02-12T23:36Z", publishedDate: "2020-04-02T17:15Z", }, }, }
var-202004-0812
Vulnerability from variot
In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely. ksh There is an injection vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra
macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra are now available and address the following:
Accounts Available for: macOS Catalina 10.15.4 Impact: A remote attacker may be able to cause a denial of service Description: A denial of service issue was addressed with improved input validation. CVE-2020-9827: Jannik Lorenz of SEEMOO @ TU Darmstadt
AirDrop Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A remote attacker may be able to cause a denial of service Description: A denial of service issue was addressed with improved input validation. CVE-2020-9826: Dor Hadad of Palo Alto Networks
AppleMobileFileIntegrity Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15.4 Impact: An application may be able to use arbitrary entitlements Description: This issue was addressed with improved checks. CVE-2020-9842: Linus Henze (pinauten.de)
AppleUSBNetworking Available for: macOS Catalina 10.15.4 Impact: Inserting a USB device that sends invalid messages may cause a kernel panic Description: A logic issue was addressed with improved restrictions. CVE-2020-9804: Andy Davis of NCC Group
Audio Available for: macOS Catalina 10.15.4 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9815: Yu Zhou (@yuzhou6666) working with Trend Micro Zero Day Initiative
Audio Available for: macOS Catalina 10.15.4 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-9791: Yu Zhou (@yuzhou6666) working with Trend Micro Zero Day Initiative
Bluetooth Available for: macOS Catalina 10.15.4 Impact: A malicious application may be able to determine kernel memory layout Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9831: Yu Wang of Didi Research America
Calendar Available for: macOS Catalina 10.15.4 Impact: Importing a maliciously crafted calendar invitation may exfiltrate user information Description: This issue was addressed with improved checks. CVE-2020-3882: Andy Grant of NCC Group
CVMS Available for: macOS Catalina 10.15.4 Impact: An application may be able to gain elevated privileges Description: This issue was addressed with improved checks. CVE-2020-9856: @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro’s Zero Day Initiative
DiskArbitration Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to break out of its sandbox Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9847: Zhuo Liang of Qihoo 360 Vulcan Team
Find My Available for: macOS Catalina 10.15.4 Impact: A local attacker may be able to elevate their privileges Description: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. CVE-2020-9855: Zhongcheng Li(CK01) of Topsec Alpha Team
FontParser Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9816: Peter Nguyen Vu Hoang of STAR Labs working with Trend Micro Zero Day Initiative
ImageIO Available for: macOS Catalina 10.15.4 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-3878: Samuel Groß of Google Project Zero
ImageIO Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9789: Wenchao Li of VARAS@IIE CVE-2020-9790: Xingwei Lin of Ant-financial Light-Year Security Lab
Intel Graphics Driver Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9822: ABC Research s.r.o
IPSec Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15.4 Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9837: Thijs Alkemade of Computest
Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2020-9821: Xinru Chi and Tielei Wang of Pangu Lab
Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to determine another application's memory layout Description: An information disclosure issue was addressed by removing the vulnerable code. CVE-2020-9797: an anonymous researcher
Kernel Available for: macOS Catalina 10.15.4 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An integer overflow was addressed through improved input validation. CVE-2020-9852: Tao Huang and Tielei Wang of Pangu Lab
Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2020-9795: Zhuo Liang of Qihoo 360 Vulcan Team
Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to cause unexpected system termination or write kernel memory Description: A memory corruption issue was addressed with improved state management. CVE-2020-9808: Xinru Chi and Tielei Wang of Pangu Lab
Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local user may be able to read kernel memory Description: An information disclosure issue was addressed with improved state management. CVE-2020-9811: Tielei Wang of Pangu Lab CVE-2020-9812: Derrek (@derrekr6)
Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A logic issue existed resulting in memory corruption. This was addressed with improved state management. CVE-2020-9813: Xinru Chi of Pangu Lab CVE-2020-9814: Xinru Chi and Tielei Wang of Pangu Lab
Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to determine kernel memory layout Description: An information disclosure issue was addressed with improved state management. CVE-2020-9809: Benjamin Randazzo (@____benjamin)
ksh Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local user may be able to execute arbitrary shell commands Description: An issue existed in the handling of environment variables. This issue was addressed with improved validation. CVE-2019-14868
NSURL Available for: macOS Mojave 10.14.6 Impact: A malicious website may be able to exfiltrate autofilled data in Safari Description: An issue existed in the parsing of URLs. This issue was addressed with improved input validation. CVE-2020-9857: Dlive of Tencent Security Xuanwu Lab
PackageKit Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to gain root privileges Description: A permissions issue existed. This issue was addressed with improved permission validation. CVE-2020-9817: Andy Grant of NCC Group
PackageKit Available for: macOS Catalina 10.15.4 Impact: A malicious application may be able to modify protected parts of the file system Description: An access issue was addressed with improved access restrictions. CVE-2020-9851: Linus Henze (pinauten.de)
Python Available for: macOS Catalina 10.15.4 Impact: A remote attacker may be able to cause arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2020-9793
Sandbox Available for: macOS Catalina 10.15.4 Impact: A malicious application may be able to bypass Privacy preferences Description: An access issue was addressed with additional sandbox restrictions. CVE-2020-9825: Sreejith Krishnan R (@skr0x1C0)
Security Available for: macOS Catalina 10.15.4 Impact: A file may be incorrectly rendered to execute JavaScript Description: A validation issue was addressed with improved input sanitization. CVE-2020-9788: Wojciech Reguła of SecuRing (https://wojciechregula.blog)
SIP Available for: macOS Catalina 10.15.4 Impact: A non-privileged user may be able to modify restricted network settings Description: A logic issue was addressed with improved restrictions. CVE-2020-9824: Csaba Fitzl (@theevilbit) of Offensive Security
SQLite Available for: macOS Catalina 10.15.4 Impact: A malicious application may cause a denial of service or potentially disclose memory contents Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9794
System Preferences Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with improved state handling. CVE-2020-9839: @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro’s Zero Day Initiative
USB Audio Available for: macOS Catalina 10.15.4 Impact: A USB device may be able to cause a denial of service Description: A validation issue was addressed with improved input sanitization. CVE-2020-9792: Andy Davis of NCC Group
Wi-Fi Available for: macOS Catalina 10.15.4 Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory Description: A double free issue was addressed with improved memory management. CVE-2020-9844: Ian Beer of Google Project Zero
Wi-Fi Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2020-9830: Tielei Wang of Pangu Lab
Wi-Fi Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2020-9834: Yu Wang of Didi Research America
Wi-Fi Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local user may be able to read kernel memory Description: A memory initialization issue was addressed with improved memory handling. CVE-2020-9833: Yu Wang of Didi Research America
Wi-Fi Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to determine kernel memory layout Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-9832: Yu Wang of Didi Research America
WindowServer Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: An integer overflow was addressed through improved input validation. CVE-2020-9841: ABC Research s.r.o. working with Trend Micro Zero Day Initiative
zsh Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local attacker may be able to elevate their privileges Description: An authorization issue was addressed with improved state management. CVE-2019-20044: Sam Foxman
Additional recognition
CoreBluetooth We would like to acknowledge Maximilian von Tschitschnitz of Technical University Munich and Ludwig Peuckert of Technical University Munich for their assistance.
CoreText We would like to acknowledge Jiska Classen (@naehrdine) and Dennis Heinze (@ttdennis) of Secure Mobile Networking Lab for their assistance.
Endpoint Security We would like to acknowledge an anonymous researcher for their assistance.
ImageIO We would like to acknowledge Lei Sun for their assistance.
IOHIDFamily We would like to acknowledge Andy Davis of NCC Group for their assistance.
IPSec We would like to acknowledge Thijs Alkemade of Computest for their assistance.
Login Window We would like to acknowledge Jon Morby and an anonymous researcher for their assistance.
Sandbox We would like to acknowledge Jason L Lang of Optum for their assistance.
Spotlight We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance.
Installation note:
macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ -----BEGIN PGP SIGNATURE----- Version: BCPG v1.64
iQIcBAEDCAAGBQJezZcfAAoJEAc+Lhnt8tDNIQYP/0YN+/T85WC7RJjAlRrUDduD ZO0e76d2C1jNgZWsYmXnrEPwfRYAEPLcKgb/SxAlwlRNFqex9CNu2sD1aA3GZBIO MaektARuncqh06rl8BjbakS4HQs675vUEjoJS9H2d0pq2dSEIjOtH1agJwtGIeNS wHBFlUnQzI42hurYeq7fxRdiByf+Z3mKEBt6wlVtaWjqcMfG9sroj9H58RLiqSNm VNfU4eZNPrG49kbTf4IC2JvvKg18hrUZqIcjbV/56+kPBl4+USIxh/5ECJHV/cDD BEe64M2I1LiY0lq6neoOeHvBiiIvUq9EUW2PBnfcbo3V1D35mm6td+WnO3Buqo6f EEkjfIwtq7fI10ZPYYjiUayrQyfqmM3x14JcxDsHzlerT6NNRTg3g2ls0seQK9Lt 8IDbkrseOR0JFukR1njC+cAk4RbDFue5cUJK6Js1nGvFwLN0kHFIhh9jFKgccgH7 bKSLDAdB+kSxBOshDDmYyNS+KRzXEWIsBU8ZbNAbRDANWqm4lcPffKWcG7zIdiMQ JLUclRURf35AoFmJ0F1BZSRzFuHr1Dvh23SjNK7H9i/mD05+rY6esh5ZKco+6Yqe pW/EOXEAs/J06xUytABH3SkFmQSzlIPuFrXa8qAskHhFp/E8yLehyefoY+AZJjal sLrLBIOxQCTskSFoExP8 =2eah -----END PGP SIGNATURE-----
. 8.0) - aarch64, ppc64le, s390x, x86_64
-
7) - aarch64, ppc64le, s390x
-
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Important: ksh security update Advisory ID: RHSA-2020:0515-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:0515 Issue date: 2020-02-17 CVE Names: CVE-2019-14868 =====================================================================
- Summary:
An update for ksh is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
- Description:
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
- ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: ksh-20120801-38.el6_10.src.rpm
i386: ksh-20120801-38.el6_10.i686.rpm ksh-debuginfo-20120801-38.el6_10.i686.rpm
x86_64: ksh-20120801-38.el6_10.x86_64.rpm ksh-debuginfo-20120801-38.el6_10.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: ksh-20120801-38.el6_10.src.rpm
x86_64: ksh-20120801-38.el6_10.x86_64.rpm ksh-debuginfo-20120801-38.el6_10.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: ksh-20120801-38.el6_10.src.rpm
i386: ksh-20120801-38.el6_10.i686.rpm ksh-debuginfo-20120801-38.el6_10.i686.rpm
ppc64: ksh-20120801-38.el6_10.ppc64.rpm ksh-debuginfo-20120801-38.el6_10.ppc64.rpm
s390x: ksh-20120801-38.el6_10.s390x.rpm ksh-debuginfo-20120801-38.el6_10.s390x.rpm
x86_64: ksh-20120801-38.el6_10.x86_64.rpm ksh-debuginfo-20120801-38.el6_10.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: ksh-20120801-38.el6_10.src.rpm
i386: ksh-20120801-38.el6_10.i686.rpm ksh-debuginfo-20120801-38.el6_10.i686.rpm
x86_64: ksh-20120801-38.el6_10.x86_64.rpm ksh-debuginfo-20120801-38.el6_10.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2019-14868 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXkpR39zjgjWX9erEAQgOuA//VVykbqa3Z1flEfzz4+aWXxhfmuF3sEn/ RPoENKb82LLn2BYPkke06fzpU0GynEwgq3AsqezB0GhcU30ErhaEMKb7UggFgjNL /6rbQu/3I9wEbZ9BsiYieuhNY/B77RuaOWYt96M9xthj8naEW4IEf7614ayiFBgu Kcm0g1/4SLiU6jayisb7dlO1yjDSdlM5NUDsYeZu4axMmkGzsxoA1uC8SNe7exee RV03H0TGeg4nXdSrGu6dhpbt8MAT7KM7wtIVpfSzqmepyhCeuqi5yitUeVFtWr3M rcgNRSgG0/IqZJTuccqtpVBWncQisewSfr/AUPpo6LSQOF4UI+PlH0iVJQsitVHi CIjBvlY/AAN2t3efd80nC9sOIOT0AnEyI1NkfRgdybsivarwkT9VYjkdKah7lBQC QBNPXB8elyxjtoB1suhlQPqmSkd4VQ/AP0P2AeB+01fBzV4I1rS+sgcDmiWyOyl4 Xqc4G8Q3eX+Z2N3kGaWtlW92rRF1hhvDeT3VOdHnRD9dofuYQAEVnJGgUOpWQOmA jkMCS4GipUrfyOZVR8iXjYqGoIo4JF2kM5trBYCo5gXW+tiKbZ9dTCQCmqtgVYwK QkH3XQR967JVz1uK1sDB0Ngd5HPqFlvZg+vGcl/xJPr3s8elpOM6AI6vJRgFAArd 1EP8ndPtKmA= =UPpY -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 7) - x86_64
3
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0812", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "ksh", scope: "eq", trust: 1.8, vendor: "ksh", version: "20120801", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "9.0", }, { model: "mac os x", scope: "lt", trust: 1, vendor: "apple", version: "10.15.5", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-015261", }, { db: "NVD", id: "CVE-2019-14868", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:ksh_project:ksh", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-015261", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Red Hat", sources: [ { db: "PACKETSTORM", id: "156454", }, { db: "PACKETSTORM", id: "156218", }, { db: "PACKETSTORM", id: "157123", }, { db: "PACKETSTORM", id: "160382", }, { db: "PACKETSTORM", id: "156381", }, { db: "PACKETSTORM", id: "156502", }, { db: "PACKETSTORM", id: "160376", }, ], trust: 0.7, }, cve: "CVE-2019-14868", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.9, id: "CVE-2019-14868", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1, vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Local", authentication: "None", author: "NVD", availabilityImpact: "Complete", baseScore: 7.2, confidentialityImpact: "Complete", exploitabilityScore: null, id: "JVNDB-2019-015261", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", exploitabilityScore: 3.9, id: "VHN-146857", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.1, vectorString: "AV:L/AC:L/AU:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "LOCAL", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.8, id: "CVE-2019-14868", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "HIGH", attackVector: "LOCAL", author: "secalert@redhat.com", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.4, id: "CVE-2019-14868", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Local", author: "NVD", availabilityImpact: "High", baseScore: 7.8, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2019-015261", impactScore: null, integrityImpact: "High", privilegesRequired: "Low", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2019-14868", trust: 1, value: "HIGH", }, { author: "secalert@redhat.com", id: "CVE-2019-14868", trust: 1, value: "HIGH", }, { author: "NVD", id: "JVNDB-2019-015261", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-202002-300", trust: 0.6, value: "HIGH", }, { author: "VULHUB", id: "VHN-146857", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-146857", }, { db: "JVNDB", id: "JVNDB-2019-015261", }, { db: "CNNVD", id: "CNNVD-202002-300", }, { db: "NVD", id: "CVE-2019-14868", }, { db: "NVD", id: "CVE-2019-14868", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely. ksh There is an injection vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update\n2020-003 Mojave, Security Update 2020-003 High Sierra\n\nmacOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security\nUpdate 2020-003 High Sierra are now available and address the\nfollowing:\n\nAccounts\nAvailable for: macOS Catalina 10.15.4\nImpact: A remote attacker may be able to cause a denial of service\nDescription: A denial of service issue was addressed with improved\ninput validation. \nCVE-2020-9827: Jannik Lorenz of SEEMOO @ TU Darmstadt\n\nAirDrop\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A remote attacker may be able to cause a denial of service\nDescription: A denial of service issue was addressed with improved\ninput validation. \nCVE-2020-9826: Dor Hadad of Palo Alto Networks\n\nAppleMobileFileIntegrity\nAvailable for: macOS High Sierra 10.13.6, macOS Catalina 10.15.4\nImpact: An application may be able to use arbitrary entitlements\nDescription: This issue was addressed with improved checks. \nCVE-2020-9842: Linus Henze (pinauten.de)\n\nAppleUSBNetworking\nAvailable for: macOS Catalina 10.15.4\nImpact: Inserting a USB device that sends invalid messages may cause\na kernel panic\nDescription: A logic issue was addressed with improved restrictions. \nCVE-2020-9804: Andy Davis of NCC Group\n\nAudio\nAvailable for: macOS Catalina 10.15.4\nImpact: Processing a maliciously crafted audio file may lead to\narbitrary code execution\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2020-9815: Yu Zhou (@yuzhou6666) working with Trend Micro Zero\nDay Initiative\n\nAudio\nAvailable for: macOS Catalina 10.15.4\nImpact: Processing a maliciously crafted audio file may lead to\narbitrary code execution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2020-9791: Yu Zhou (@yuzhou6666) working with Trend Micro Zero\nDay Initiative\n\nBluetooth\nAvailable for: macOS Catalina 10.15.4\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2020-9831: Yu Wang of Didi Research America\n\nCalendar\nAvailable for: macOS Catalina 10.15.4\nImpact: Importing a maliciously crafted calendar invitation may\nexfiltrate user information\nDescription: This issue was addressed with improved checks. \nCVE-2020-3882: Andy Grant of NCC Group\n\nCVMS\nAvailable for: macOS Catalina 10.15.4\nImpact: An application may be able to gain elevated privileges\nDescription: This issue was addressed with improved checks. \nCVE-2020-9856: @jinmo123, @setuid0x0_, and @insu_yun_en of\n@SSLab_Gatech working with Trend Micro’s Zero Day Initiative\n\nDiskArbitration\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A malicious application may be able to break out of its\nsandbox\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2020-9847: Zhuo Liang of Qihoo 360 Vulcan Team\n\nFind My\nAvailable for: macOS Catalina 10.15.4\nImpact: A local attacker may be able to elevate their privileges\nDescription: A validation issue existed in the handling of symlinks. \nThis issue was addressed with improved validation of symlinks. \nCVE-2020-9855: Zhongcheng Li(CK01) of Topsec Alpha Team\n\nFontParser\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: Opening a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2020-9816: Peter Nguyen Vu Hoang of STAR Labs working with Trend\nMicro Zero Day Initiative\n\nImageIO\nAvailable for: macOS Catalina 10.15.4\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2020-3878: Samuel Groß of Google Project Zero\n\nImageIO\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2020-9789: Wenchao Li of VARAS@IIE\nCVE-2020-9790: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nIntel Graphics Driver\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2020-9822: ABC Research s.r.o\n\nIPSec\nAvailable for: macOS High Sierra 10.13.6, macOS Catalina 10.15.4\nImpact: A remote attacker may be able to leak memory\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2020-9837: Thijs Alkemade of Computest\n\nKernel\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2020-9821: Xinru Chi and Tielei Wang of Pangu Lab\n\nKernel\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A malicious application may be able to determine another\napplication's memory layout\nDescription: An information disclosure issue was addressed by\nremoving the vulnerable code. \nCVE-2020-9797: an anonymous researcher\n\nKernel\nAvailable for: macOS Catalina 10.15.4\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: An integer overflow was addressed through improved input\nvalidation. \nCVE-2020-9852: Tao Huang and Tielei Wang of Pangu Lab\n\nKernel\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2020-9795: Zhuo Liang of Qihoo 360 Vulcan Team\n\nKernel\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: An application may be able to cause unexpected system\ntermination or write kernel memory\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2020-9808: Xinru Chi and Tielei Wang of Pangu Lab\n\nKernel\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A local user may be able to read kernel memory\nDescription: An information disclosure issue was addressed with\nimproved state management. \nCVE-2020-9811: Tielei Wang of Pangu Lab\nCVE-2020-9812: Derrek (@derrekr6)\n\nKernel\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: A logic issue existed resulting in memory corruption. \nThis was addressed with improved state management. \nCVE-2020-9813: Xinru Chi of Pangu Lab\nCVE-2020-9814: Xinru Chi and Tielei Wang of Pangu Lab\n\nKernel\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: An information disclosure issue was addressed with\nimproved state management. \nCVE-2020-9809: Benjamin Randazzo (@____benjamin)\n\nksh\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A local user may be able to execute arbitrary shell commands\nDescription: An issue existed in the handling of environment\nvariables. This issue was addressed with improved validation. \nCVE-2019-14868\n\nNSURL\nAvailable for: macOS Mojave 10.14.6\nImpact: A malicious website may be able to exfiltrate autofilled data\nin Safari\nDescription: An issue existed in the parsing of URLs. This issue was\naddressed with improved input validation. \nCVE-2020-9857: Dlive of Tencent Security Xuanwu Lab\n\nPackageKit\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A malicious application may be able to gain root privileges\nDescription: A permissions issue existed. This issue was addressed\nwith improved permission validation. \nCVE-2020-9817: Andy Grant of NCC Group\n\nPackageKit\nAvailable for: macOS Catalina 10.15.4\nImpact: A malicious application may be able to modify protected parts\nof the file system\nDescription: An access issue was addressed with improved access\nrestrictions. \nCVE-2020-9851: Linus Henze (pinauten.de)\n\nPython\nAvailable for: macOS Catalina 10.15.4\nImpact: A remote attacker may be able to cause arbitrary code\nexecution\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2020-9793\n\nSandbox\nAvailable for: macOS Catalina 10.15.4\nImpact: A malicious application may be able to bypass Privacy\npreferences\nDescription: An access issue was addressed with additional sandbox\nrestrictions. \nCVE-2020-9825: Sreejith Krishnan R (@skr0x1C0)\n\nSecurity\nAvailable for: macOS Catalina 10.15.4\nImpact: A file may be incorrectly rendered to execute JavaScript\nDescription: A validation issue was addressed with improved input\nsanitization. \nCVE-2020-9788: Wojciech Reguła of SecuRing\n(https://wojciechregula.blog)\n\nSIP\nAvailable for: macOS Catalina 10.15.4\nImpact: A non-privileged user may be able to modify restricted\nnetwork settings\nDescription: A logic issue was addressed with improved restrictions. \nCVE-2020-9824: Csaba Fitzl (@theevilbit) of Offensive Security\n\nSQLite\nAvailable for: macOS Catalina 10.15.4\nImpact: A malicious application may cause a denial of service or\npotentially disclose memory contents\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2020-9794\n\nSystem Preferences\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: An application may be able to gain elevated privileges\nDescription: A race condition was addressed with improved state\nhandling. \nCVE-2020-9839: @jinmo123, @setuid0x0_, and @insu_yun_en of\n@SSLab_Gatech working with Trend Micro’s Zero Day Initiative\n\nUSB Audio\nAvailable for: macOS Catalina 10.15.4\nImpact: A USB device may be able to cause a denial of service\nDescription: A validation issue was addressed with improved input\nsanitization. \nCVE-2020-9792: Andy Davis of NCC Group\n\nWi-Fi\nAvailable for: macOS Catalina 10.15.4\nImpact: A remote attacker may be able to cause unexpected system\ntermination or corrupt kernel memory\nDescription: A double free issue was addressed with improved memory\nmanagement. \nCVE-2020-9844: Ian Beer of Google Project Zero\n\nWi-Fi\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2020-9830: Tielei Wang of Pangu Lab\n\nWi-Fi\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2020-9834: Yu Wang of Didi Research America\n\nWi-Fi\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A local user may be able to read kernel memory\nDescription: A memory initialization issue was addressed with\nimproved memory handling. \nCVE-2020-9833: Yu Wang of Didi Research America\n\nWi-Fi\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2020-9832: Yu Wang of Didi Research America\n\nWindowServer\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: An integer overflow was addressed through improved input\nvalidation. \nCVE-2020-9841: ABC Research s.r.o. working with Trend Micro Zero Day\nInitiative\n\nzsh\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A local attacker may be able to elevate their privileges\nDescription: An authorization issue was addressed with improved state\nmanagement. \nCVE-2019-20044: Sam Foxman\n\nAdditional recognition\n\nCoreBluetooth\nWe would like to acknowledge Maximilian von Tschitschnitz of\nTechnical University Munich and Ludwig Peuckert of Technical\nUniversity Munich for their assistance. \n\nCoreText\nWe would like to acknowledge Jiska Classen (@naehrdine) and Dennis\nHeinze (@ttdennis) of Secure Mobile Networking Lab for their\nassistance. \n\nEndpoint Security\nWe would like to acknowledge an anonymous researcher for their\nassistance. \n\nImageIO\nWe would like to acknowledge Lei Sun for their assistance. \n\nIOHIDFamily\nWe would like to acknowledge Andy Davis of NCC Group for their\nassistance. \n\nIPSec\nWe would like to acknowledge Thijs Alkemade of Computest for their\nassistance. \n\nLogin Window\nWe would like to acknowledge Jon Morby and an anonymous researcher\nfor their assistance. \n\nSandbox\nWe would like to acknowledge Jason L Lang of Optum for their\nassistance. \n\nSpotlight\nWe would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive\nSecurity for their assistance. \n\nInstallation note:\n\nmacOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security\nUpdate 2020-003 High Sierra may be obtained from the Mac App Store or\nApple's Software Downloads web site:\nhttps://support.apple.com/downloads/\n-----BEGIN PGP SIGNATURE-----\nVersion: BCPG v1.64\n\niQIcBAEDCAAGBQJezZcfAAoJEAc+Lhnt8tDNIQYP/0YN+/T85WC7RJjAlRrUDduD\nZO0e76d2C1jNgZWsYmXnrEPwfRYAEPLcKgb/SxAlwlRNFqex9CNu2sD1aA3GZBIO\nMaektARuncqh06rl8BjbakS4HQs675vUEjoJS9H2d0pq2dSEIjOtH1agJwtGIeNS\nwHBFlUnQzI42hurYeq7fxRdiByf+Z3mKEBt6wlVtaWjqcMfG9sroj9H58RLiqSNm\nVNfU4eZNPrG49kbTf4IC2JvvKg18hrUZqIcjbV/56+kPBl4+USIxh/5ECJHV/cDD\nBEe64M2I1LiY0lq6neoOeHvBiiIvUq9EUW2PBnfcbo3V1D35mm6td+WnO3Buqo6f\nEEkjfIwtq7fI10ZPYYjiUayrQyfqmM3x14JcxDsHzlerT6NNRTg3g2ls0seQK9Lt\n8IDbkrseOR0JFukR1njC+cAk4RbDFue5cUJK6Js1nGvFwLN0kHFIhh9jFKgccgH7\nbKSLDAdB+kSxBOshDDmYyNS+KRzXEWIsBU8ZbNAbRDANWqm4lcPffKWcG7zIdiMQ\nJLUclRURf35AoFmJ0F1BZSRzFuHr1Dvh23SjNK7H9i/mD05+rY6esh5ZKco+6Yqe\npW/EOXEAs/J06xUytABH3SkFmQSzlIPuFrXa8qAskHhFp/E8yLehyefoY+AZJjal\nsLrLBIOxQCTskSFoExP8\n=2eah\n-----END PGP SIGNATURE-----\n\n\n\n. 8.0) - aarch64, ppc64le, s390x, x86_64\n\n3. 7) - aarch64, ppc64le, s390x\n\n3. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: ksh security update\nAdvisory ID: RHSA-2020:0515-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2020:0515\nIssue date: 2020-02-17\nCVE Names: CVE-2019-14868 \n=====================================================================\n\n1. Summary:\n\nAn update for ksh is now available for Red Hat Enterprise Linux 6. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\n\n3. Description:\n\nKornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which\nis backward-compatible with the Bourne shell (sh) and includes many\nfeatures of the C shell. The most recent version is KSH-93. KornShell\ncomplies with the POSIX.2 standard (IEEE Std 1003.2-1992). \n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions\non startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nksh-20120801-38.el6_10.src.rpm\n\ni386:\nksh-20120801-38.el6_10.i686.rpm\nksh-debuginfo-20120801-38.el6_10.i686.rpm\n\nx86_64:\nksh-20120801-38.el6_10.x86_64.rpm\nksh-debuginfo-20120801-38.el6_10.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nksh-20120801-38.el6_10.src.rpm\n\nx86_64:\nksh-20120801-38.el6_10.x86_64.rpm\nksh-debuginfo-20120801-38.el6_10.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nksh-20120801-38.el6_10.src.rpm\n\ni386:\nksh-20120801-38.el6_10.i686.rpm\nksh-debuginfo-20120801-38.el6_10.i686.rpm\n\nppc64:\nksh-20120801-38.el6_10.ppc64.rpm\nksh-debuginfo-20120801-38.el6_10.ppc64.rpm\n\ns390x:\nksh-20120801-38.el6_10.s390x.rpm\nksh-debuginfo-20120801-38.el6_10.s390x.rpm\n\nx86_64:\nksh-20120801-38.el6_10.x86_64.rpm\nksh-debuginfo-20120801-38.el6_10.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nksh-20120801-38.el6_10.src.rpm\n\ni386:\nksh-20120801-38.el6_10.i686.rpm\nksh-debuginfo-20120801-38.el6_10.i686.rpm\n\nx86_64:\nksh-20120801-38.el6_10.x86_64.rpm\nksh-debuginfo-20120801-38.el6_10.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2019-14868\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2020 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXkpR39zjgjWX9erEAQgOuA//VVykbqa3Z1flEfzz4+aWXxhfmuF3sEn/\nRPoENKb82LLn2BYPkke06fzpU0GynEwgq3AsqezB0GhcU30ErhaEMKb7UggFgjNL\n/6rbQu/3I9wEbZ9BsiYieuhNY/B77RuaOWYt96M9xthj8naEW4IEf7614ayiFBgu\nKcm0g1/4SLiU6jayisb7dlO1yjDSdlM5NUDsYeZu4axMmkGzsxoA1uC8SNe7exee\nRV03H0TGeg4nXdSrGu6dhpbt8MAT7KM7wtIVpfSzqmepyhCeuqi5yitUeVFtWr3M\nrcgNRSgG0/IqZJTuccqtpVBWncQisewSfr/AUPpo6LSQOF4UI+PlH0iVJQsitVHi\nCIjBvlY/AAN2t3efd80nC9sOIOT0AnEyI1NkfRgdybsivarwkT9VYjkdKah7lBQC\nQBNPXB8elyxjtoB1suhlQPqmSkd4VQ/AP0P2AeB+01fBzV4I1rS+sgcDmiWyOyl4\nXqc4G8Q3eX+Z2N3kGaWtlW92rRF1hhvDeT3VOdHnRD9dofuYQAEVnJGgUOpWQOmA\njkMCS4GipUrfyOZVR8iXjYqGoIo4JF2kM5trBYCo5gXW+tiKbZ9dTCQCmqtgVYwK\nQkH3XQR967JVz1uK1sDB0Ngd5HPqFlvZg+vGcl/xJPr3s8elpOM6AI6vJRgFAArd\n1EP8ndPtKmA=\n=UPpY\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 7) - x86_64\n\n3", sources: [ { db: "NVD", id: "CVE-2019-14868", }, { db: "JVNDB", id: "JVNDB-2019-015261", }, { db: "VULHUB", id: "VHN-146857", }, { db: "PACKETSTORM", id: "156454", }, { db: "PACKETSTORM", id: "157877", }, { db: "PACKETSTORM", id: "156218", }, { db: "PACKETSTORM", id: "157123", }, { db: "PACKETSTORM", id: "160382", }, { db: "PACKETSTORM", id: "156381", }, { db: "PACKETSTORM", id: "156502", }, { db: "PACKETSTORM", id: "160376", }, ], trust: 2.43, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-14868", trust: 3.3, }, { db: "PACKETSTORM", id: "157877", trust: 0.8, }, { db: "PACKETSTORM", id: "156502", trust: 0.8, }, { db: "PACKETSTORM", id: "157123", trust: 0.8, }, { db: "PACKETSTORM", id: "160376", trust: 0.8, }, { db: "PACKETSTORM", id: "156454", trust: 0.8, }, { db: "PACKETSTORM", id: "156218", trust: 0.8, }, { db: "PACKETSTORM", id: "156381", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-015261", trust: 0.8, }, { db: "PACKETSTORM", id: "157769", trust: 0.7, }, { db: "CNNVD", id: "CNNVD-202002-300", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2020.1859", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.1223", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.4313", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2463", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.0539", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.1772", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.0663", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.0630", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.0426", trust: 0.6, }, { db: "PACKETSTORM", id: "160382", trust: 0.2, }, { db: "PACKETSTORM", id: "157121", trust: 0.1, }, { db: "VULHUB", id: "VHN-146857", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-146857", }, { db: "JVNDB", id: "JVNDB-2019-015261", }, { db: "PACKETSTORM", id: "156454", }, { db: "PACKETSTORM", id: "157877", }, { db: "PACKETSTORM", id: "156218", }, { db: "PACKETSTORM", id: "157123", }, { db: "PACKETSTORM", id: "160382", }, { db: "PACKETSTORM", id: "156381", }, { db: "PACKETSTORM", id: "156502", }, { db: "PACKETSTORM", id: "160376", }, { db: "CNNVD", id: "CNNVD-202002-300", }, { db: "NVD", id: "CVE-2019-14868", }, ], }, id: "VAR-202004-0812", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-146857", }, ], trust: 0.01, }, last_update_date: "2024-11-29T21:37:40.613000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Harden env var imports", trust: 0.8, url: "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2", }, { title: "Red Hat Enterprise Linux KornShell Security vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=109905", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-015261", }, { db: "CNNVD", id: "CNNVD-202002-300", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-77", trust: 1.1, }, { problemtype: "CWE-74", trust: 0.9, }, ], sources: [ { db: "VULHUB", id: "VHN-146857", }, { db: "JVNDB", id: "JVNDB-2019-015261", }, { db: "NVD", id: "CVE-2019-14868", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.3, url: "https://support.apple.com/kb/ht211170", }, { trust: 2.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-14868", }, { trust: 1.7, url: "http://seclists.org/fulldisclosure/2020/may/53", }, { trust: 1.7, url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html", }, { trust: 1.7, url: "https://bugzilla.redhat.com/show_bug.cgi?id=cve-2019-14868", }, { trust: 1.7, url: "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2", }, { trust: 1.3, url: "https://access.redhat.com/security/cve/cve-2019-14868", }, { trust: 1.3, url: "https://access.redhat.com/errata/rhsa-2020:0431", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14868", }, { trust: 0.7, url: "https://www.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.7, url: "https://bugzilla.redhat.com/):", }, { trust: 0.7, url: "https://access.redhat.com/security/team/key/", }, { trust: 0.7, url: "https://access.redhat.com/articles/11258", }, { trust: 0.7, url: "https://access.redhat.com/errata/rhsa-2020:0559", }, { trust: 0.7, url: "https://access.redhat.com/security/team/contact/", }, { trust: 0.7, url: "https://access.redhat.com/security/updates/classification/#important", }, { trust: 0.7, url: "https://access.redhat.com/errata/rhsa-2020:1333", }, { trust: 0.7, url: "https://access.redhat.com/errata/rhsa-2020:5351", }, { trust: 0.7, url: "https://access.redhat.com/errata/rhsa-2020:0515", }, { trust: 0.7, url: "https://access.redhat.com/errata/rhsa-2020:0568", }, { trust: 0.7, url: "https://access.redhat.com/errata/rhsa-2020:5352", }, { trust: 0.6, url: "https://access.redhat.com/errata/rhsa-2020:2210", }, { trust: 0.6, url: "https://access.redhat.com/errata/rhsa-2020:1332", }, { trust: 0.6, url: "https://bugzilla.redhat.com/show_bug.cgi?id=1757324", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.1772/", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/157123/red-hat-security-advisory-2020-1333-01.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.0539/", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/156218/red-hat-security-advisory-2020-0431-01.html", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/ksh-code-execution-via-environment-variables-arithmetic-expressions-31521", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.4313/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.0426/", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/160376/red-hat-security-advisory-2020-5352-01.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.0630/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.0663/", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/156381/red-hat-security-advisory-2020-0515-01.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2463/", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/157877/apple-security-advisory-2020-05-26-3.html", }, { trust: 0.6, url: "https://support.apple.com/en-us/ht211170", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/156502/red-hat-security-advisory-2020-0568-01.html", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/157769/red-hat-security-advisory-2020-2210-01.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.1859/", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/156454/red-hat-security-advisory-2020-0559-01.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.1223/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9809", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9813", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9795", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9822", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9804", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9826", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9814", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9811", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9792", }, { trust: 0.1, url: "https://support.apple.com/downloads/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-3882", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9824", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9817", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9797", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9791", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9808", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9788", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9790", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9825", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9821", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9816", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9789", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-20044", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-3878", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9815", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9793", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9794", }, { trust: 0.1, url: "https://wojciechregula.blog)", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9812", }, ], sources: [ { db: "VULHUB", id: "VHN-146857", }, { db: "JVNDB", id: "JVNDB-2019-015261", }, { db: "PACKETSTORM", id: "156454", }, { db: "PACKETSTORM", id: "157877", }, { db: "PACKETSTORM", id: "156218", }, { db: "PACKETSTORM", id: "157123", }, { db: "PACKETSTORM", id: "160382", }, { db: "PACKETSTORM", id: "156381", }, { db: "PACKETSTORM", id: "156502", }, { db: "PACKETSTORM", id: "160376", }, { db: "CNNVD", id: "CNNVD-202002-300", }, { db: "NVD", id: "CVE-2019-14868", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-146857", }, { db: "JVNDB", id: "JVNDB-2019-015261", }, { db: "PACKETSTORM", id: "156454", }, { db: "PACKETSTORM", id: "157877", }, { db: "PACKETSTORM", id: "156218", }, { db: "PACKETSTORM", id: "157123", }, { db: "PACKETSTORM", id: "160382", }, { db: "PACKETSTORM", id: "156381", }, { db: "PACKETSTORM", id: "156502", }, { db: "PACKETSTORM", id: "160376", }, { db: "CNNVD", id: "CNNVD-202002-300", }, { db: "NVD", id: "CVE-2019-14868", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-04-02T00:00:00", db: "VULHUB", id: "VHN-146857", }, { date: "2020-04-21T00:00:00", db: "JVNDB", id: "JVNDB-2019-015261", }, { date: "2020-02-20T21:13:20", db: "PACKETSTORM", id: "156454", }, { date: "2020-05-29T19:04:22", db: "PACKETSTORM", id: "157877", }, { date: "2020-02-05T18:50:02", db: "PACKETSTORM", id: "156218", }, { date: "2020-04-06T19:18:52", db: "PACKETSTORM", id: "157123", }, { date: "2020-12-07T14:26:16", db: "PACKETSTORM", id: "160382", }, { date: "2020-02-17T17:26:14", db: "PACKETSTORM", id: "156381", }, { date: "2020-02-25T15:06:40", db: "PACKETSTORM", id: "156502", }, { date: "2020-12-07T14:00:31", db: "PACKETSTORM", id: "160376", }, { date: "2020-02-06T00:00:00", db: "CNNVD", id: "CNNVD-202002-300", }, { date: "2020-04-02T17:15:13.990000", db: "NVD", id: "CVE-2019-14868", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-02-12T00:00:00", db: "VULHUB", id: "VHN-146857", }, { date: "2020-04-21T00:00:00", db: "JVNDB", id: "JVNDB-2019-015261", }, { date: "2023-03-21T00:00:00", db: "CNNVD", id: "CNNVD-202002-300", }, { date: "2024-11-21T04:27:32.553000", db: "NVD", id: "CVE-2019-14868", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "local", sources: [ { db: "CNNVD", id: "CNNVD-202002-300", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "ksh Injection vulnerabilities in", sources: [ { db: "JVNDB", id: "JVNDB-2019-015261", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "command injection", sources: [ { db: "CNNVD", id: "CNNVD-202002-300", }, ], trust: 0.6, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.