CVE-2014-7186
Find out more about CVE-2014-7186 from the MITRE CVE dictionary dictionary and NIST NVD.
Statement
A patch for this issue was applied to the bash packages in Red Hat Enterprise Linux via RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312. The errata do not mention the CVE in the description, as the CVE was only assigned after those updates were released.
CVSS v2 metrics
| Base Score | 4.6 |
|---|---|
| Base Metrics | AV:L/AC:L/Au:N/C:P/I:P/A:P |
| Access Vector | Local |
| Access Complexity | Low |
| Authentication | None |
| Confidentiality Impact | Partial |
| Integrity Impact | Partial |
| Availability Impact | Partial |
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Red Hat Security Errata
| Platform | Errata | Release Date |
|---|---|---|
| S-JIS for Red Hat Enteprise Linux 6 Server (bash) | RHSA-2014:1312 | 2014-09-26 |
| Red Hat Enterprise Linux Extended Lifecycle Support 4 (bash) | RHSA-2014:1311 | 2014-09-26 |
| S-JIS for Red Hat Enteprise Linux 5 Server (bash) | RHSA-2014:1865 | 2014-11-17 |
| Red Hat Enterprise Linux 5 (bash) | RHSA-2014:1306 | 2014-09-26 |
| Red Hat Enterprise Linux EUS (v. 5.9 server) (bash) | RHSA-2014:1311 | 2014-09-26 |
| Red Hat Enterprise Linux 6 (bash) | RHSA-2014:1306 | 2014-09-26 |
| RHEV Manager 3 (rhev-hypervisor6) | RHSA-2014:1354 | 2014-10-02 |
| Red Hat Enterprise Linux Advanced Update Support 6.2 (bash) | RHSA-2014:1311 | 2014-09-26 |
| Red Hat Enterprise Linux 7 (bash) | RHSA-2014:1306 | 2014-09-26 |
| Red Hat Enterprise Linux Extended Update Support 6.4 (bash) | RHSA-2014:1311 | 2014-09-26 |
| S-JIS for Red Hat Enteprise Linux 5 Server (bash) | RHSA-2014:1312 | 2014-09-26 |
| Red Hat Enterprise Linux Long Life (v. 5.6 server) (bash) | RHSA-2014:1311 | 2014-09-26 |
Affected Packages State
| Platform | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 7 | rhel-guest-image | Will not fix |
| Red Hat Enterprise Linux 6 | guest-images | Will not fix |
| Red Hat Enterprise Linux 3 | bash | Will not fix |
| RHEV Manager 3 | rhev-hypervisor | Will not fix |
