Bash: Arbitrary code execution — GLSA 201612-39

A vulnerability in Bash could potentially lead to arbitrary code execution.

Affected Packages

app-shells/bash on all architectures
Affected versions < 4.3_p46-r1
Unaffected versions >= 4.3_p46-r1

Background

Bash is the standard GNU Bourne Again SHell.

Description

A vulnerability was found in the way Bash expands $HOSTNAME. Injecting malicious code into $HOSTNAME could cause it to run each time Bash expands \h in the prompt string.

Impact

A remote attacker controlling the system’s hostname (i.e. via DHCP) could possibly execute arbitrary code with the privileges of the process, or cause a Denial of Service condition.

Workaround

There is no known workaround at this time.

Resolution

All Bash users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=app-shells/bash-4.3_p46-r1"
 

References

Release Date
December 13, 2016

Latest Revision
December 13, 2016: 2

Severity
normal

Exploitable
remote

Bugzilla entries