Cloud Foundry Logo

CVE-2014-7186 and CVE-2014-7187 – Bash Out of Bounds

By: | September 29, 2014

Share

CVE-2014-7186 and CVE-2014-7187 – Bash Out of Bounds

Severity

Moderate

Vendor

Canonical Ubuntu

Versions Affected

  • Canonical Ubuntu 10.04 LTS and 14.04 LTS that include bash through 4.3 bash43-026

Description

Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via deeply nested for loops, aka the ‘word_lineno’ issue.

The redirection implementation in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via crafted use of here documents, aka the ‘redir_stack’ issue.

The Cloud Foundry project is unaware of vulnerable versions of bash potentially allowing a denial of service remotely. No exploits have been identified or confirmed yet.

Affected Products and Versions

Severity is moderate unless otherwise noted.

  • All versions of Cloud Foundry BOSH stemcells prior to 2719.2 and prior have bash executables vulnerable to CVE-2014-7186 and CVE-2014-7187.
  • All versions of Cloud Foundry runtime v187 and prior have bash executables vulnerable to CVE-2014-7186 and CVE-2014-7187.

Mitigation

Users of affected versions should apply the following mitigation:

  • The Cloud Foundry project recommends that Cloud Foundry Runtime Deployments running Release v187 or earlier upgrade to v188 or later and BOSH stemcells 2719.3 or later when they are available, which are planned to contain the patched version of bash that resolves CVE-2014-7186 and CVE-2014-7187.

Credit

Florian Weimer and Todd Sabin

References

History

2014-Sep-29: Initial vulnerability report published.

Cloud Foundry Foundation Security Team Profile Image

Cloud Foundry Foundation Security Team, AUTHOR

SEE ALL ARTICLES