K86221000: Bash vulnerability CVE-2019-18276

Security Advisory Description An issue was discovered in disableprivmode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly...

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : Bash vulnerability (USN-5380-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5380-1 advisory. It was discovered that Bash did not properly drop privileges when the binary had the setuid bit enabled. An attacker could possibly use th...

Advisory ROSA-SA-2021-1802

Software: bash 4.2.46 OS: Cobalt 7.9 CVE-ID: CVE-2012-6711 CVE-Crit: HIGH CVE-DESC: A heap-based buffer overflow exists in GNU Bash before 4.3, when broad characters not supported by the current language standard set in the LCCTYPE environment variable are printed using the built-in echo function...

EulerOS 2.0 SP5 : bash (EulerOS-SA-2020-1303)

According to the version of the bash package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was discovered in disableprivmode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to...

Design/Logic Flaw

An issue was discovered in disableprivmode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems th...