CVE-2018-1083

Published: 26 March 2018

Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the context of the user who tries to use autocomplete to traverse the before mentioned path. If the user affected is privileged, this leads to privilege escalation.

Priority

CVSS 3 base score: 7.8

Status

Package	Release	Status
zsh Launchpad, Ubuntu, Debian	artful	Released (5.2-5ubuntu1.2)
	precise	Does not exist
	trusty	Does not exist (trusty was released [5.0.2-3ubuntu6.2])
	upstream	Needs triage
	xenial	Released (5.1.1-1ubuntu2.2)

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1083
https://sourceforge.net/p/zsh/code/ci/259ac472eac291c8c103c7a0d8a4eaf3c2942ed7
https://ubuntu.com/security/notices/USN-3608-1
NVD
Launchpad
Debian

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894043

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›