Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2014-7186

CWE-119: Buffer Overflow (17 documents, 12 sources)
Severity: 10.0 CRITICAL
EPSS: 89.9% (top 0.43%)
CISA KEV: Not in KEV
Exploit: PoC available
Timeline
Published: Sep 28
Latest update: May 14

Description

The redirection implementation in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via crafted use of here documents, aka the "redir_stack" issue.

CVSS vector

AV:N/AC:L/C:C/I:C/A:C
Exploitability: 10.0 | Impact: 10.0

Affected Packages (3 packages)

Debian: bash < 4.3-9.2+3
Ubuntu: bash < 4.3-7ubuntu1.4
NVD: gnu/bash, 25 versions+24

🔴 Vulnerability Details (5)

GHSA: GHSA-w7vx-gpvr-f5cg: The redirection implementation in parse (2022-05-14)
CVEList: CVE-2014-7186: The redirection implementation in parse (2014-09-28)
OSV: CVE-2014-7186: The redirection implementation in parse (2014-09-28)
OSV: bash vulnerabilities (2014-09-27)
VulnCheck: GNU Bourne-Again Shell (Bash) Improper Restriction of Operations within the Bounds of a Memory Buffer (2014)

💥 Exploits & PoCs (2)

Exploit-DB: GNU bash 4.3.11 - Environment Variable dhclient (2014-10-02)
Exploit-DB: dhclient 4.1 - Bash Environment Variable Command Injection (Shellshock) (2014-09-29)

📋 Vendor Advisories (6)

Ubuntu: Bash vulnerabilities (2014-09-27)
Cisco: GNU Bash Environment Variable Command Injection Vulnerability (2014-09-26)
Red Hat: bash: parser can allow out-of-bounds memory access while handling redir_stack (2014-09-25)
Debian: CVE-2014-7186: bash - The redirection implementation in parse.y in GNU Bash through 4.3 bash43-026 all... (2014)
Apple: CVE-2014-7186: OS X Yosemite v10.10.2 and Security Update 2015-001

💬 Community (2)

Bugzilla: CVE-2014-6278 bash: incorrect parsing of function definitions with nested command substitutions (2014-09-29)
Bugzilla: CVE-2014-7186 bash: parser can allow out-of-bounds memory access while handling redir_stack (2014-09-26)