{
  "threat_severity" : "Moderate",
  "public_date" : "2014-09-26T00:00:00Z",
  "bugzilla" : {
    "description" : "bash: off-by-one error in deeply nested flow control constructs",
    "id" : "1146804",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1146804"
  },
  "cvss" : {
    "cvss_base_score" : "4.6",
    "cvss_scoring_vector" : "AV:L/AC:L/Au:N/C:P/I:P/A:P",
    "status" : "verified"
  },
  "cwe" : "CWE-193",
  "details" : [ "Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via deeply nested for loops, aka the \"word_lineno\" issue.", "An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash." ],
  "statement" : "Red Hat Product Security does not consider this bug to have any security impact on the bash packages shipped in Red Hat Enterprise Linux. A fix for this issue was applied as a hardening in RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312.",
  "acknowledgement" : "This issue was discovered by Florian Weimer (Red Hat Product Security).",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 4 Extended Lifecycle Support",
    "release_date" : "2014-09-26T00:00:00Z",
    "advisory" : "RHSA-2014:1311",
    "cpe" : "cpe:/o:redhat:rhel_els:4",
    "package" : "bash-0:3.0-27.el4.4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "release_date" : "2014-09-26T00:00:00Z",
    "advisory" : "RHSA-2014:1306",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5",
    "package" : "bash-0:3.2-33.el5_11.4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5.6 Long Life",
    "release_date" : "2014-09-26T00:00:00Z",
    "advisory" : "RHSA-2014:1311",
    "cpe" : "cpe:/o:redhat:rhel_mission_critical:5.6",
    "package" : "bash-0:3.2-24.el5_6.2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5.9 Extended Update Support",
    "release_date" : "2014-09-26T00:00:00Z",
    "advisory" : "RHSA-2014:1311",
    "cpe" : "cpe:/o:redhat:rhel_eus:5.9",
    "package" : "bash-0:3.2-32.el5_9.3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2014-09-26T00:00:00Z",
    "advisory" : "RHSA-2014:1306",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "bash-0:4.1.2-15.el6_5.2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6.2 Advanced Update Support",
    "release_date" : "2014-09-26T00:00:00Z",
    "advisory" : "RHSA-2014:1311",
    "cpe" : "cpe:/o:redhat:rhel_mission_critical:6.2",
    "package" : "bash-0:4.1.2-9.el6_2.2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6.4 Extended Update Support",
    "release_date" : "2014-09-26T00:00:00Z",
    "advisory" : "RHSA-2014:1311",
    "cpe" : "cpe:/o:redhat:rhel_eus:6.4",
    "package" : "bash-0:4.1.2-15.el6_4.2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2014-09-26T00:00:00Z",
    "advisory" : "RHSA-2014:1306",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "bash-0:4.2.45-5.el7_0.4"
  }, {
    "product_name" : "RHEV Manager version 3.4",
    "release_date" : "2014-10-02T00:00:00Z",
    "advisory" : "RHSA-2014:1354",
    "cpe" : "cpe:/a:redhat:rhev_manager:3",
    "package" : "rhev-hypervisor6-0:6.5-20140930.1.el6ev"
  }, {
    "product_name" : "S-JIS for Red Hat Enterprise Linux 5",
    "release_date" : "2014-09-26T00:00:00Z",
    "advisory" : "RHSA-2014:1312",
    "cpe" : "cpe:/a:redhat:rhel_sjis:5",
    "package" : "bash-0:3.2-33.el5_11.1.sjis.2"
  }, {
    "product_name" : "S-JIS for Red Hat Enterprise Linux 6",
    "release_date" : "2014-09-26T00:00:00Z",
    "advisory" : "RHSA-2014:1312",
    "cpe" : "cpe:/a:redhat:rhel_sjis:6",
    "package" : "bash-0:4.1.2-15.el6_5.1.sjis.2"
  }, {
    "product_name" : "S-JIS for RHEL 5.9.Z",
    "release_date" : "2014-11-17T00:00:00Z",
    "advisory" : "RHSA-2014:1865",
    "cpe" : "cpe:/a:redhat:rhel_sjis:5",
    "package" : "bash-0:3.2-32.el5_9.3.sjis.1"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2014-7187\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-7187" ],
  "name" : "CVE-2014-7187",
  "csaw" : false
}