#VU5327 Memory corruption in Bash


Published: 2020-03-18 | Updated: 2020-04-07

Vulnerability identifier: #VU5327

Vulnerability risk: Critical

CVSSv3.1:

CVE-ID: CVE-2014-7186

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
Bash
Universal components / Libraries / Scripting languages

Vendor: GNU

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to out-of-bounds memory access while handling multiple "<<EOF" declarations. A remote attacker can trigger memory corruption and execute arbitrary code.

Exploitation example: 

bash -c 'true <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF' ||  echo "CVE-2014-7186 vulnerable, redir_stack"

Successful exploitation results in arbitrary code execution on the vulnerable system.

Note: this vulnerability was being actively exploited.

Mitigation
Update GNU Bash to version 4.3 bash43-027.

Vulnerable software versions

Bash: 1.14.0 - 4.3

CPE

External links
http://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-027

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?


Latest bulletins with this vulnerability


Multiple vulnerabilities in HP Systems Insight Manager for Windows
Multiple vulnerabilities in HP Next Generation Firewall (NGFW)
Multiple vulnerabilities in HP Operations Analytics
Multiple vulnerabilities in HP Business Service Automation Essentials
Multiple vulnerabilities in HP Automation Insight
Multiple vulnerabilities in IBM FOS Firmware
Multiple vulnerabilities in IBM FlashSystem 840 and V840
Ubuntu update for Bash
Multiple vulnerabilities in HP StoreOnce Gen 2 Backup
Multiple vulnerabilities in HP StoreEver ESL G3 Tape Library