Security Bulletin: Vulnerabilities in Bash affect NVIDIA Tegra Linux L4T CVE 2014-6271, CVE 2014-7169, CVE 2014-7186, CVE 2014-7187, CVE 2014-6277, CVE 2014-6278

2015-03-03T00:00:00
ID NVIDIA:4386
Type nvidia
Reporter Nvidia
Modified 2017-05-15T12:37:00

Description

Vulnerability Details

CVE-2014-6271

GNU Bash processes trailing strings after function definitions in the values of environment variables. This processing allows remote attackers to execute arbitrary code through a crafted environment.

CVSS Base Score: 10
CVSS Temporal Score: 8.3
CVSS 2 Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)

CVE-2014-6277

GNU Bash through version 4.3 bash43-026 does not properly parse function definitions in the values of environment variables. This failure to properly parse function definitions allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and write operations) through a crafted environment.

CVSS Base Score: 10
CVSS Temporal Score: 8.3
CVSS 2 Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)

CVE-2014-6278

GNU Bash through version 4.3 bash43-026 does not properly parse function definitions in the values of environment variables. This failure to properly parse function definitions allows remote attackers to execute arbitrary commands through a crafted environment.

CVSS Base Score: 10
CVSS Temporal Score: 8.3
CVSS 2 Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)

CVE-2014-7169

GNU Bash processes trailing strings after certain malformed function definitions in the values of environment variables. This processing allows remote attackers to write to files and may have some other unknown impact through a crafted environment.

CVSS Base Score: 10
CVSS Temporal Score: 8.3
CVSS 2 Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)

CVE-2014-7186

The redirection implementation in parse.y in GNU Bash through version 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly some other unspecified impact through crafted use-of-here documents. This issue is also known as the redir_stack issue.

CVSS Base Score: 10
CVSS Temporal Score: 8.3
CVSS 2 Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)

CVE-2014-7187

An off-by-one error in the read_token_word function in parse.y in GNU Bash through version 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly some other unspecified impact through deeply nested for loops. This issue is also known as the word_lineno issue.

CVSS Base Score: 10
CVSS Temporal Score: 8.3
CVSS 2 Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)

NVIDIA’s risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk of your local installation. NVIDIA recommends consulting a local security or IT professional to evaluate the risk of your specific configuration.