PT-2019-5765 · Zsh Developers+7 · Zsh+7

Sam Foxman

·

Publicado

2019-12-27

·

Atualizado

2024-06-15

·

CVE-2019-20044

CVSS v3.1

7.8

Alta

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Zsh versions prior to 5.8
Description The issue is related to the incorrect overwriting of the saved uid in the Zsh command-line shell, allowing attackers who can execute commands to regain dropped privileges. This can be achieved by executing MODULE PATH=/dir/with/module zmodload with a module that calls setuid(), thus restoring the original privileges. The exploitation of this issue may allow an attacker to access confidential data, compromise its integrity, and cause a denial of service.
Recommendations For versions prior to 5.8, update to version 5.8 or later to resolve the issue. As a temporary workaround, consider restricting the use of the zmodload command with modules that call setuid() to minimize the risk of exploitation.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-273

Identificadores relacionados

ALSA-2020:0903
BDU:2021-01493
CESA-2020_0853
CESA-2020_0892
CESA-2020_0903
CVE-2019-20044
DLA-2117-1
DLA-2470-1
MGASA-2020-0107
OPENSUSE-SU-2022:0735-1
OPENSUSE-SU-2022_0735-1
OPENSUSE-SU-2024:11543-1
RHSA-2020:0853
RHSA-2020:0892
RHSA-2020:0903
RHSA-2020:0978
RHSA-2020_0853
RHSA-2020_0892
RHSA-2020_0903
RLSA-2020:0903
SUSE-SU-2022:0732-1
SUSE-SU-2022:0733-1
SUSE-SU-2022:0735-1
SUSE-SU-2022:14910-1
SUSE-SU-2022_0732-1
SUSE-SU-2022_0735-1
SUSE-SU-2022_14910-1
USN-5325-1

Produtos afetados

Almalinux
Centos
Linuxmint
Red Hat
Rocky Linux
Suse
Ubuntu
Zsh