Re: Bash has a stack overflow vulnerability

bug-bash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bash has a stack overflow vulnerability

From:	Chet Ramey
Subject:	Re: Bash has a stack overflow vulnerability
Date:	Thu, 30 May 2024 09:32:57 -0400
User-agent:	Mozilla Thunderbird

On 5/30/24 12:53 AM, B_M wrote:

Hello, I have discovered a severe heap overflow vulnerability in Bash,
which exists in both the latest and older versions. Attackers can craft
payloads to elevate privileges or execute malicious code. Should I directly
submit it to the CVE website, or should I send it to you? If I send it to
you, can I still obtain a CVE identifier?


Send it to me -- directly if you like -- so we can see if you've got
something.

--
``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU    chet@case.edu    http://tiswww.cwru.edu/~chet/

OpenPGP_signature.asc
Description: OpenPGP digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

Bash has a stack overflow vulnerability, B_M, 2024/05/30
- Re: Bash has a stack overflow vulnerability, Chet Ramey <=

Prev by Date: Bash has a stack overflow vulnerability
Next by Date: Re: [PATCH] readstr: do not clear undo list
Previous by thread: Bash has a stack overflow vulnerability
Next by thread: [PATCH] bind_assoc_variable: free key if cannot assign
Index(es):
- Date
- Thread