CVE-2017-18206 — Improper Restriction of Operations within the Bounds of a Memory Buffer in ZSH

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120 — Classic Buffer Overflow CWE-121 — Stack-based Buffer Overflow8 documents7 sources

Severity

9.8CRITICALNVD

OSV7.8

EPSS

0.4%

top 39.51%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

ZSH Debian ZSH Canonical Ubuntu Linux

Timeline

PublishedFeb 27

Latest updateMay 13

Description

In utils.c in zsh before 5.4, symlink expansion had a buffer overflow.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages4 packages

▶NVDzsh/zsh< 5.4

▶debiandebian/zsh< zsh 5.4.1-1 (bookworm)

▶Debianzsh/zsh< 5.4.1-1+3

▶Ubuntuzsh/zsh< 5.0.2-3ubuntu6.1+1

Also affects: Ubuntu Linux 14.04, 16.04, 17.10

Patches

Patch: sourceforge.net ↗Patch: sourceforge.net ↗

🔴Vulnerability Details

GHSA

GHSA-vpqc-mgq5-m5xg: In utils↗2022-05-13

▶

OSV

zsh vulnerabilities↗2018-03-08

▶

OSV

CVE-2017-18206: In utils↗2018-02-27

▶

📋Vendor Advisories

Ubuntu

Zsh vulnerabilities↗2018-03-08

▶

Red Hat

zsh: buffer overrun in symlinks↗2017-05-09

▶

Debian

CVE-2017-18206: zsh - In utils.c in zsh before 5.4, symlink expansion had a buffer overflow.↗2017

▶

💬Community

Bugzilla

CVE-2017-18206 zsh: buffer overrun in symlinks↗2018-02-27

▶