Launchpad.net

CVE 2014-7187

Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via deeply nested for loops, aka the "word_lineno" issue.

Related bugs and status

CVE-2014-7187 (Candidate) is related to these bugs:

Bug #1373781: bash incomplete fix for CVE-2014-6271

		In	Importance	Status
1373781	bash incomplete fix for CVE-2014-6271	bash (Ubuntu)	Undecided	Fix Released
1373781	bash incomplete fix for CVE-2014-6271	bash (Ubuntu Lucid)	Undecided	Fix Released
1373781	bash incomplete fix for CVE-2014-6271	bash (Ubuntu Utopic)	Undecided	Fix Released
1373781	bash incomplete fix for CVE-2014-6271	bash (Ubuntu Precise)	Undecided	Fix Released
1373781	bash incomplete fix for CVE-2014-6271	bash (Ubuntu Trusty)	Undecided	Fix Released

Bug #1373965: bash: specially-crafted environment variables can be used to inject shell commands

		In	Importance	Status
1373965	bash: specially-crafted environment variables can be used to inject shell commands	Mirantis OpenStack	Critical	Fix Committed
1373965	bash: specially-crafted environment variables can be used to inject shell commands	Mirantis OpenStack 5.1.x	Critical	Fix Released
1373965	bash: specially-crafted environment variables can be used to inject shell commands	Mirantis OpenStack 6.0.x	Critical	Fix Committed
1373965	bash: specially-crafted environment variables can be used to inject shell commands	Mirantis OpenStack 5.0.x	Critical	In Progress

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2014-7187

Related bugs and status

Related bugs

References