Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-14868 (GCVE-0-2019-14868)
Vulnerability from cvelistv5 – Published: 2020-04-02 16:48 – Updated: 2024-08-05 00:26
VLAI?
EPSS
Summary
In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.
Severity ?
7.4 (High)
CWE
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:26:39.141Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211170"
},
{
"name": "20200529 APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/May/53"
},
{
"name": "[debian-lts-announce] 20200720 [SECURITY] [DLA 2284-1] ksh security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ksh",
"vendor": "KornShell",
"versions": [
{
"status": "affected",
"version": "20120801"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-20T23:06:17",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT211170"
},
{
"name": "20200529 APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/May/53"
},
{
"name": "[debian-lts-announce] 20200720 [SECURITY] [DLA 2284-1] ksh security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2019-14868",
"datePublished": "2020-04-02T16:48:57",
"dateReserved": "2019-08-10T00:00:00",
"dateUpdated": "2024-08-05T00:26:39.141Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ksh_project:ksh:20120801:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C453FD9C-7375-4E2E-84AD-ABC3CC786153\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.15.5\", \"matchCriteriaId\": \"99973242-A249-4C34-B042-5F833AE73708\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.\"}, {\"lang\": \"es\", \"value\": \"En ksh versi\\u00f3n 20120801, se detect\\u00f3 un fallo en la manera que eval\\u00faa determinadas variables de entorno. Un atacante podr\\u00eda usar este fallo para anular u omitir unas restricciones del entorno para ejecutar comandos de shell. Los servicios y las aplicaciones permiten a atacantes remotos no autenticados proporcionar una de esas variables de entorno que podr\\u00edan permitirles explotar este problema remotamente.\"}]",
"id": "CVE-2019-14868",
"lastModified": "2024-11-21T04:27:32.553",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.4, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.4, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2020-04-02T17:15:13.990",
"references": "[{\"url\": \"http://seclists.org/fulldisclosure/2020/May/53\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://support.apple.com/kb/HT211170\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2020/May/53\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://support.apple.com/kb/HT211170\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"secalert@redhat.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-77\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-77\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-14868\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2020-04-02T17:15:13.990\",\"lastModified\":\"2024-11-21T04:27:32.553\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.\"},{\"lang\":\"es\",\"value\":\"En ksh versi\u00f3n 20120801, se detect\u00f3 un fallo en la manera que eval\u00faa determinadas variables de entorno. Un atacante podr\u00eda usar este fallo para anular u omitir unas restricciones del entorno para ejecutar comandos de shell. Los servicios y las aplicaciones permiten a atacantes remotos no autenticados proporcionar una de esas variables de entorno que podr\u00edan permitirles explotar este problema remotamente.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.4,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-77\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-77\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ksh_project:ksh:20120801:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C453FD9C-7375-4E2E-84AD-ABC3CC786153\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.15.5\",\"matchCriteriaId\":\"99973242-A249-4C34-B042-5F833AE73708\"}]}]}],\"references\":[{\"url\":\"http://seclists.org/fulldisclosure/2020/May/53\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT211170\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2020/May/53\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT211170\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
RHSA-2020:5352
Vulnerability from csaf_redhat - Published: 2020-12-07 11:06 - Updated: 2025-11-21 18:18Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ksh is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "KornShell (ksh) is a Unix shell developed by AT\u0026T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:5352",
"url": "https://access.redhat.com/errata/RHSA-2020:5352"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5352.json"
}
],
"title": "Red Hat Security Advisory: ksh security update",
"tracking": {
"current_release_date": "2025-11-21T18:18:56+00:00",
"generator": {
"date": "2025-11-21T18:18:56+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2020:5352",
"initial_release_date": "2020-12-07T11:06:38+00:00",
"revision_history": [
{
"date": "2020-12-07T11:06:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-12-07T11:06:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:18:56+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server AUS (v. 7.2)",
"product": {
"name": "Red Hat Enterprise Linux Server AUS (v. 7.2)",
"product_id": "7Server-7.2.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:7.2::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-26.el7_2.x86_64",
"product": {
"name": "ksh-0:20120801-26.el7_2.x86_64",
"product_id": "ksh-0:20120801-26.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-26.el7_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-26.el7_2.x86_64",
"product": {
"name": "ksh-debuginfo-0:20120801-26.el7_2.x86_64",
"product_id": "ksh-debuginfo-0:20120801-26.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-26.el7_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-26.el7_2.src",
"product": {
"name": "ksh-0:20120801-26.el7_2.src",
"product_id": "ksh-0:20120801-26.el7_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-26.el7_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-26.el7_2.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)",
"product_id": "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.src"
},
"product_reference": "ksh-0:20120801-26.el7_2.src",
"relates_to_product_reference": "7Server-7.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-26.el7_2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)",
"product_id": "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.x86_64"
},
"product_reference": "ksh-0:20120801-26.el7_2.x86_64",
"relates_to_product_reference": "7Server-7.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-26.el7_2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)",
"product_id": "7Server-7.2.AUS:ksh-debuginfo-0:20120801-26.el7_2.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-26.el7_2.x86_64",
"relates_to_product_reference": "7Server-7.2.AUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14868",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2019-10-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1757324"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.2.AUS:ksh-0:20120801-26.el7_2.src",
"7Server-7.2.AUS:ksh-0:20120801-26.el7_2.x86_64",
"7Server-7.2.AUS:ksh-debuginfo-0:20120801-26.el7_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14868"
},
{
"category": "external",
"summary": "RHBZ#1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868"
}
],
"release_date": "2019-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-07T11:06:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.2.AUS:ksh-0:20120801-26.el7_2.src",
"7Server-7.2.AUS:ksh-0:20120801-26.el7_2.x86_64",
"7Server-7.2.AUS:ksh-debuginfo-0:20120801-26.el7_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5352"
},
{
"category": "workaround",
"details": "No known mitigation available.",
"product_ids": [
"7Server-7.2.AUS:ksh-0:20120801-26.el7_2.src",
"7Server-7.2.AUS:ksh-0:20120801-26.el7_2.x86_64",
"7Server-7.2.AUS:ksh-debuginfo-0:20120801-26.el7_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-7.2.AUS:ksh-0:20120801-26.el7_2.src",
"7Server-7.2.AUS:ksh-0:20120801-26.el7_2.x86_64",
"7Server-7.2.AUS:ksh-debuginfo-0:20120801-26.el7_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection"
}
]
}
RHSA-2020_0515
Vulnerability from csaf_redhat - Published: 2020-02-17 09:03 - Updated: 2024-11-22 14:25Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ksh is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "KornShell (ksh) is a Unix shell developed by AT\u0026T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:0515",
"url": "https://access.redhat.com/errata/RHSA-2020:0515"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0515.json"
}
],
"title": "Red Hat Security Advisory: ksh security update",
"tracking": {
"current_release_date": "2024-11-22T14:25:24+00:00",
"generator": {
"date": "2024-11-22T14:25:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2020:0515",
"initial_release_date": "2020-02-17T09:03:47+00:00",
"revision_history": [
{
"date": "2020-02-17T09:03:47+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-02-17T09:03:47+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T14:25:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.10.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-38.el6_10.i686",
"product": {
"name": "ksh-0:20120801-38.el6_10.i686",
"product_id": "ksh-0:20120801-38.el6_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-38.el6_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-38.el6_10.i686",
"product": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.i686",
"product_id": "ksh-debuginfo-0:20120801-38.el6_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-38.el6_10?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-38.el6_10.x86_64",
"product": {
"name": "ksh-0:20120801-38.el6_10.x86_64",
"product_id": "ksh-0:20120801-38.el6_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-38.el6_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"product": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"product_id": "ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-38.el6_10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-38.el6_10.src",
"product": {
"name": "ksh-0:20120801-38.el6_10.src",
"product_id": "ksh-0:20120801-38.el6_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-38.el6_10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-38.el6_10.s390x",
"product": {
"name": "ksh-0:20120801-38.el6_10.s390x",
"product_id": "ksh-0:20120801-38.el6_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-38.el6_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-38.el6_10.s390x",
"product": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.s390x",
"product_id": "ksh-debuginfo-0:20120801-38.el6_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-38.el6_10?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-38.el6_10.ppc64",
"product": {
"name": "ksh-0:20120801-38.el6_10.ppc64",
"product_id": "ksh-0:20120801-38.el6_10.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-38.el6_10?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"product": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"product_id": "ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-38.el6_10?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:ksh-0:20120801-38.el6_10.i686"
},
"product_reference": "ksh-0:20120801-38.el6_10.i686",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:ksh-0:20120801-38.el6_10.ppc64"
},
"product_reference": "ksh-0:20120801-38.el6_10.ppc64",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:ksh-0:20120801-38.el6_10.s390x"
},
"product_reference": "ksh-0:20120801-38.el6_10.s390x",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:ksh-0:20120801-38.el6_10.src"
},
"product_reference": "ksh-0:20120801-38.el6_10.src",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:ksh-0:20120801-38.el6_10.x86_64"
},
"product_reference": "ksh-0:20120801-38.el6_10.x86_64",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.i686",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.s390x",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.i686"
},
"product_reference": "ksh-0:20120801-38.el6_10.i686",
"relates_to_product_reference": "6ComputeNode-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.ppc64"
},
"product_reference": "ksh-0:20120801-38.el6_10.ppc64",
"relates_to_product_reference": "6ComputeNode-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.s390x"
},
"product_reference": "ksh-0:20120801-38.el6_10.s390x",
"relates_to_product_reference": "6ComputeNode-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.src"
},
"product_reference": "ksh-0:20120801-38.el6_10.src",
"relates_to_product_reference": "6ComputeNode-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.x86_64"
},
"product_reference": "ksh-0:20120801-38.el6_10.x86_64",
"relates_to_product_reference": "6ComputeNode-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.i686",
"relates_to_product_reference": "6ComputeNode-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"relates_to_product_reference": "6ComputeNode-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.s390x",
"relates_to_product_reference": "6ComputeNode-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"relates_to_product_reference": "6ComputeNode-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:ksh-0:20120801-38.el6_10.i686"
},
"product_reference": "ksh-0:20120801-38.el6_10.i686",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:ksh-0:20120801-38.el6_10.ppc64"
},
"product_reference": "ksh-0:20120801-38.el6_10.ppc64",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:ksh-0:20120801-38.el6_10.s390x"
},
"product_reference": "ksh-0:20120801-38.el6_10.s390x",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:ksh-0:20120801-38.el6_10.src"
},
"product_reference": "ksh-0:20120801-38.el6_10.src",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:ksh-0:20120801-38.el6_10.x86_64"
},
"product_reference": "ksh-0:20120801-38.el6_10.x86_64",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.i686",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.s390x",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.i686"
},
"product_reference": "ksh-0:20120801-38.el6_10.i686",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.ppc64"
},
"product_reference": "ksh-0:20120801-38.el6_10.ppc64",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.s390x"
},
"product_reference": "ksh-0:20120801-38.el6_10.s390x",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.src"
},
"product_reference": "ksh-0:20120801-38.el6_10.src",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.x86_64"
},
"product_reference": "ksh-0:20120801-38.el6_10.x86_64",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.i686",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.s390x",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"relates_to_product_reference": "6Workstation-6.10.z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14868",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2019-10-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1757324"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.src",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.src",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.src",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.src",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14868"
},
{
"category": "external",
"summary": "RHBZ#1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868"
}
],
"release_date": "2019-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-17T09:03:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.src",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.src",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.src",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.src",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0515"
},
{
"category": "workaround",
"details": "No known mitigation available.",
"product_ids": [
"6Client-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.src",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.src",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.src",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.src",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Client-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.src",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.src",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.src",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.src",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection"
}
]
}
RHSA-2020_0568
Vulnerability from csaf_redhat - Published: 2020-02-24 09:05 - Updated: 2024-11-22 14:25Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ksh is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "KornShell (ksh) is a Unix shell developed by AT\u0026T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:0568",
"url": "https://access.redhat.com/errata/RHSA-2020:0568"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0568.json"
}
],
"title": "Red Hat Security Advisory: ksh security update",
"tracking": {
"current_release_date": "2024-11-22T14:25:39+00:00",
"generator": {
"date": "2024-11-22T14:25:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2020:0568",
"initial_release_date": "2020-02-24T09:05:27+00:00",
"revision_history": [
{
"date": "2020-02-24T09:05:27+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-02-24T09:05:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T14:25:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-140.el7_7.x86_64",
"product": {
"name": "ksh-0:20120801-140.el7_7.x86_64",
"product_id": "ksh-0:20120801-140.el7_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-140.el7_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"product": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"product_id": "ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-140.el7_7.src",
"product": {
"name": "ksh-0:20120801-140.el7_7.src",
"product_id": "ksh-0:20120801-140.el7_7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-140.el7_7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-140.el7_7.s390x",
"product": {
"name": "ksh-0:20120801-140.el7_7.s390x",
"product_id": "ksh-0:20120801-140.el7_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-140.el7_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-140.el7_7.s390x",
"product": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.s390x",
"product_id": "ksh-debuginfo-0:20120801-140.el7_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-140.el7_7.ppc64",
"product": {
"name": "ksh-0:20120801-140.el7_7.ppc64",
"product_id": "ksh-0:20120801-140.el7_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-140.el7_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"product": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"product_id": "ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_7?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-140.el7_7.ppc64le",
"product": {
"name": "ksh-0:20120801-140.el7_7.ppc64le",
"product_id": "ksh-0:20120801-140.el7_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-140.el7_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"product": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"product_id": "ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64"
},
"product_reference": "ksh-0:20120801-140.el7_7.ppc64",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le"
},
"product_reference": "ksh-0:20120801-140.el7_7.ppc64le",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:ksh-0:20120801-140.el7_7.s390x"
},
"product_reference": "ksh-0:20120801-140.el7_7.s390x",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:ksh-0:20120801-140.el7_7.src"
},
"product_reference": "ksh-0:20120801-140.el7_7.src",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:ksh-0:20120801-140.el7_7.x86_64"
},
"product_reference": "ksh-0:20120801-140.el7_7.x86_64",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.s390x",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64"
},
"product_reference": "ksh-0:20120801-140.el7_7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le"
},
"product_reference": "ksh-0:20120801-140.el7_7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.s390x"
},
"product_reference": "ksh-0:20120801-140.el7_7.s390x",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.src"
},
"product_reference": "ksh-0:20120801-140.el7_7.src",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.x86_64"
},
"product_reference": "ksh-0:20120801-140.el7_7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.s390x",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64"
},
"product_reference": "ksh-0:20120801-140.el7_7.ppc64",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le"
},
"product_reference": "ksh-0:20120801-140.el7_7.ppc64le",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:ksh-0:20120801-140.el7_7.s390x"
},
"product_reference": "ksh-0:20120801-140.el7_7.s390x",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:ksh-0:20120801-140.el7_7.src"
},
"product_reference": "ksh-0:20120801-140.el7_7.src",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:ksh-0:20120801-140.el7_7.x86_64"
},
"product_reference": "ksh-0:20120801-140.el7_7.x86_64",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.s390x",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64"
},
"product_reference": "ksh-0:20120801-140.el7_7.ppc64",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le"
},
"product_reference": "ksh-0:20120801-140.el7_7.ppc64le",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.s390x"
},
"product_reference": "ksh-0:20120801-140.el7_7.s390x",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.src"
},
"product_reference": "ksh-0:20120801-140.el7_7.src",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.x86_64"
},
"product_reference": "ksh-0:20120801-140.el7_7.x86_64",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.s390x",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"relates_to_product_reference": "7Workstation-7.7.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14868",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2019-10-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1757324"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14868"
},
{
"category": "external",
"summary": "RHBZ#1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868"
}
],
"release_date": "2019-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-24T09:05:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0568"
},
{
"category": "workaround",
"details": "No known mitigation available.",
"product_ids": [
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection"
}
]
}
RHSA-2020:2210
Vulnerability from csaf_redhat - Published: 2020-05-19 22:43 - Updated: 2025-11-21 18:14Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ksh is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "KornShell (ksh) is a Unix shell developed by AT\u0026T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:2210",
"url": "https://access.redhat.com/errata/RHSA-2020:2210"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2210.json"
}
],
"title": "Red Hat Security Advisory: ksh security update",
"tracking": {
"current_release_date": "2025-11-21T18:14:23+00:00",
"generator": {
"date": "2025-11-21T18:14:23+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2020:2210",
"initial_release_date": "2020-05-19T22:43:17+00:00",
"revision_history": [
{
"date": "2020-05-19T22:43:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-05-19T22:43:17+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:14:23+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product": {
"name": "Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:7.4::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product": {
"name": "Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:7.4::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server TUS (v. 7.4)",
"product": {
"name": "Red Hat Enterprise Linux Server TUS (v. 7.4)",
"product_id": "7Server-7.4.TUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_tus:7.4::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-36.el7_4.x86_64",
"product": {
"name": "ksh-0:20120801-36.el7_4.x86_64",
"product_id": "ksh-0:20120801-36.el7_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-36.el7_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"product": {
"name": "ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"product_id": "ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-36.el7_4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-36.el7_4.src",
"product": {
"name": "ksh-0:20120801-36.el7_4.src",
"product_id": "ksh-0:20120801-36.el7_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-36.el7_4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-36.el7_4.ppc64le",
"product": {
"name": "ksh-0:20120801-36.el7_4.ppc64le",
"product_id": "ksh-0:20120801-36.el7_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-36.el7_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-36.el7_4.ppc64le",
"product": {
"name": "ksh-debuginfo-0:20120801-36.el7_4.ppc64le",
"product_id": "ksh-debuginfo-0:20120801-36.el7_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-36.el7_4?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-36.el7_4.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.src"
},
"product_reference": "ksh-0:20120801-36.el7_4.src",
"relates_to_product_reference": "7Server-7.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.x86_64"
},
"product_reference": "ksh-0:20120801-36.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-36.el7_4.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.ppc64le"
},
"product_reference": "ksh-0:20120801-36.el7_4.ppc64le",
"relates_to_product_reference": "7Server-7.4.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-36.el7_4.src as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.src"
},
"product_reference": "ksh-0:20120801-36.el7_4.src",
"relates_to_product_reference": "7Server-7.4.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.x86_64"
},
"product_reference": "ksh-0:20120801-36.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-36.el7_4.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.ppc64le"
},
"product_reference": "ksh-debuginfo-0:20120801-36.el7_4.ppc64le",
"relates_to_product_reference": "7Server-7.4.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-36.el7_4.src as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)",
"product_id": "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.src"
},
"product_reference": "ksh-0:20120801-36.el7_4.src",
"relates_to_product_reference": "7Server-7.4.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)",
"product_id": "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.x86_64"
},
"product_reference": "ksh-0:20120801-36.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)",
"product_id": "7Server-7.4.TUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.TUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14868",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2019-10-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1757324"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.4.AUS:ksh-0:20120801-36.el7_4.src",
"7Server-7.4.AUS:ksh-0:20120801-36.el7_4.x86_64",
"7Server-7.4.AUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"7Server-7.4.E4S:ksh-0:20120801-36.el7_4.ppc64le",
"7Server-7.4.E4S:ksh-0:20120801-36.el7_4.src",
"7Server-7.4.E4S:ksh-0:20120801-36.el7_4.x86_64",
"7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.ppc64le",
"7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"7Server-7.4.TUS:ksh-0:20120801-36.el7_4.src",
"7Server-7.4.TUS:ksh-0:20120801-36.el7_4.x86_64",
"7Server-7.4.TUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14868"
},
{
"category": "external",
"summary": "RHBZ#1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868"
}
],
"release_date": "2019-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-05-19T22:43:17+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.4.AUS:ksh-0:20120801-36.el7_4.src",
"7Server-7.4.AUS:ksh-0:20120801-36.el7_4.x86_64",
"7Server-7.4.AUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"7Server-7.4.E4S:ksh-0:20120801-36.el7_4.ppc64le",
"7Server-7.4.E4S:ksh-0:20120801-36.el7_4.src",
"7Server-7.4.E4S:ksh-0:20120801-36.el7_4.x86_64",
"7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.ppc64le",
"7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"7Server-7.4.TUS:ksh-0:20120801-36.el7_4.src",
"7Server-7.4.TUS:ksh-0:20120801-36.el7_4.x86_64",
"7Server-7.4.TUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2210"
},
{
"category": "workaround",
"details": "No known mitigation available.",
"product_ids": [
"7Server-7.4.AUS:ksh-0:20120801-36.el7_4.src",
"7Server-7.4.AUS:ksh-0:20120801-36.el7_4.x86_64",
"7Server-7.4.AUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"7Server-7.4.E4S:ksh-0:20120801-36.el7_4.ppc64le",
"7Server-7.4.E4S:ksh-0:20120801-36.el7_4.src",
"7Server-7.4.E4S:ksh-0:20120801-36.el7_4.x86_64",
"7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.ppc64le",
"7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"7Server-7.4.TUS:ksh-0:20120801-36.el7_4.src",
"7Server-7.4.TUS:ksh-0:20120801-36.el7_4.x86_64",
"7Server-7.4.TUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-7.4.AUS:ksh-0:20120801-36.el7_4.src",
"7Server-7.4.AUS:ksh-0:20120801-36.el7_4.x86_64",
"7Server-7.4.AUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"7Server-7.4.E4S:ksh-0:20120801-36.el7_4.ppc64le",
"7Server-7.4.E4S:ksh-0:20120801-36.el7_4.src",
"7Server-7.4.E4S:ksh-0:20120801-36.el7_4.x86_64",
"7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.ppc64le",
"7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"7Server-7.4.TUS:ksh-0:20120801-36.el7_4.src",
"7Server-7.4.TUS:ksh-0:20120801-36.el7_4.x86_64",
"7Server-7.4.TUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection"
}
]
}
RHSA-2020_5351
Vulnerability from csaf_redhat - Published: 2020-12-07 11:12 - Updated: 2024-11-22 14:26Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ksh is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "KornShell (ksh) is a Unix shell developed by AT\u0026T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:5351",
"url": "https://access.redhat.com/errata/RHSA-2020:5351"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5351.json"
}
],
"title": "Red Hat Security Advisory: ksh security update",
"tracking": {
"current_release_date": "2024-11-22T14:26:08+00:00",
"generator": {
"date": "2024-11-22T14:26:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2020:5351",
"initial_release_date": "2020-12-07T11:12:37+00:00",
"revision_history": [
{
"date": "2020-12-07T11:12:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-12-07T11:12:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T14:26:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product": {
"name": "Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:7.3::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-27.el7_3.x86_64",
"product": {
"name": "ksh-0:20120801-27.el7_3.x86_64",
"product_id": "ksh-0:20120801-27.el7_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-27.el7_3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-27.el7_3.x86_64",
"product": {
"name": "ksh-debuginfo-0:20120801-27.el7_3.x86_64",
"product_id": "ksh-debuginfo-0:20120801-27.el7_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-27.el7_3?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-27.el7_3.src",
"product": {
"name": "ksh-0:20120801-27.el7_3.src",
"product_id": "ksh-0:20120801-27.el7_3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-27.el7_3?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-27.el7_3.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.src"
},
"product_reference": "ksh-0:20120801-27.el7_3.src",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-27.el7_3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.x86_64"
},
"product_reference": "ksh-0:20120801-27.el7_3.x86_64",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-27.el7_3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:ksh-debuginfo-0:20120801-27.el7_3.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-27.el7_3.x86_64",
"relates_to_product_reference": "7Server-7.3.AUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14868",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2019-10-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1757324"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.3.AUS:ksh-0:20120801-27.el7_3.src",
"7Server-7.3.AUS:ksh-0:20120801-27.el7_3.x86_64",
"7Server-7.3.AUS:ksh-debuginfo-0:20120801-27.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14868"
},
{
"category": "external",
"summary": "RHBZ#1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868"
}
],
"release_date": "2019-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-07T11:12:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.3.AUS:ksh-0:20120801-27.el7_3.src",
"7Server-7.3.AUS:ksh-0:20120801-27.el7_3.x86_64",
"7Server-7.3.AUS:ksh-debuginfo-0:20120801-27.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5351"
},
{
"category": "workaround",
"details": "No known mitigation available.",
"product_ids": [
"7Server-7.3.AUS:ksh-0:20120801-27.el7_3.src",
"7Server-7.3.AUS:ksh-0:20120801-27.el7_3.x86_64",
"7Server-7.3.AUS:ksh-debuginfo-0:20120801-27.el7_3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-7.3.AUS:ksh-0:20120801-27.el7_3.src",
"7Server-7.3.AUS:ksh-0:20120801-27.el7_3.x86_64",
"7Server-7.3.AUS:ksh-debuginfo-0:20120801-27.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection"
}
]
}
RHSA-2020_2210
Vulnerability from csaf_redhat - Published: 2020-05-19 22:43 - Updated: 2024-11-22 14:26Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ksh is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "KornShell (ksh) is a Unix shell developed by AT\u0026T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:2210",
"url": "https://access.redhat.com/errata/RHSA-2020:2210"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2210.json"
}
],
"title": "Red Hat Security Advisory: ksh security update",
"tracking": {
"current_release_date": "2024-11-22T14:26:01+00:00",
"generator": {
"date": "2024-11-22T14:26:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2020:2210",
"initial_release_date": "2020-05-19T22:43:17+00:00",
"revision_history": [
{
"date": "2020-05-19T22:43:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-05-19T22:43:17+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T14:26:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product": {
"name": "Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:7.4::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product": {
"name": "Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:7.4::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server TUS (v. 7.4)",
"product": {
"name": "Red Hat Enterprise Linux Server TUS (v. 7.4)",
"product_id": "7Server-7.4.TUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_tus:7.4::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-36.el7_4.x86_64",
"product": {
"name": "ksh-0:20120801-36.el7_4.x86_64",
"product_id": "ksh-0:20120801-36.el7_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-36.el7_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"product": {
"name": "ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"product_id": "ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-36.el7_4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-36.el7_4.src",
"product": {
"name": "ksh-0:20120801-36.el7_4.src",
"product_id": "ksh-0:20120801-36.el7_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-36.el7_4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-36.el7_4.ppc64le",
"product": {
"name": "ksh-0:20120801-36.el7_4.ppc64le",
"product_id": "ksh-0:20120801-36.el7_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-36.el7_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-36.el7_4.ppc64le",
"product": {
"name": "ksh-debuginfo-0:20120801-36.el7_4.ppc64le",
"product_id": "ksh-debuginfo-0:20120801-36.el7_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-36.el7_4?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-36.el7_4.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.src"
},
"product_reference": "ksh-0:20120801-36.el7_4.src",
"relates_to_product_reference": "7Server-7.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS:ksh-0:20120801-36.el7_4.x86_64"
},
"product_reference": "ksh-0:20120801-36.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-36.el7_4.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.ppc64le"
},
"product_reference": "ksh-0:20120801-36.el7_4.ppc64le",
"relates_to_product_reference": "7Server-7.4.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-36.el7_4.src as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.src"
},
"product_reference": "ksh-0:20120801-36.el7_4.src",
"relates_to_product_reference": "7Server-7.4.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S:ksh-0:20120801-36.el7_4.x86_64"
},
"product_reference": "ksh-0:20120801-36.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-36.el7_4.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.ppc64le"
},
"product_reference": "ksh-debuginfo-0:20120801-36.el7_4.ppc64le",
"relates_to_product_reference": "7Server-7.4.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-36.el7_4.src as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)",
"product_id": "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.src"
},
"product_reference": "ksh-0:20120801-36.el7_4.src",
"relates_to_product_reference": "7Server-7.4.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)",
"product_id": "7Server-7.4.TUS:ksh-0:20120801-36.el7_4.x86_64"
},
"product_reference": "ksh-0:20120801-36.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-36.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)",
"product_id": "7Server-7.4.TUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.TUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14868",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2019-10-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1757324"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.4.AUS:ksh-0:20120801-36.el7_4.src",
"7Server-7.4.AUS:ksh-0:20120801-36.el7_4.x86_64",
"7Server-7.4.AUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"7Server-7.4.E4S:ksh-0:20120801-36.el7_4.ppc64le",
"7Server-7.4.E4S:ksh-0:20120801-36.el7_4.src",
"7Server-7.4.E4S:ksh-0:20120801-36.el7_4.x86_64",
"7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.ppc64le",
"7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"7Server-7.4.TUS:ksh-0:20120801-36.el7_4.src",
"7Server-7.4.TUS:ksh-0:20120801-36.el7_4.x86_64",
"7Server-7.4.TUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14868"
},
{
"category": "external",
"summary": "RHBZ#1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868"
}
],
"release_date": "2019-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-05-19T22:43:17+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.4.AUS:ksh-0:20120801-36.el7_4.src",
"7Server-7.4.AUS:ksh-0:20120801-36.el7_4.x86_64",
"7Server-7.4.AUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"7Server-7.4.E4S:ksh-0:20120801-36.el7_4.ppc64le",
"7Server-7.4.E4S:ksh-0:20120801-36.el7_4.src",
"7Server-7.4.E4S:ksh-0:20120801-36.el7_4.x86_64",
"7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.ppc64le",
"7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"7Server-7.4.TUS:ksh-0:20120801-36.el7_4.src",
"7Server-7.4.TUS:ksh-0:20120801-36.el7_4.x86_64",
"7Server-7.4.TUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2210"
},
{
"category": "workaround",
"details": "No known mitigation available.",
"product_ids": [
"7Server-7.4.AUS:ksh-0:20120801-36.el7_4.src",
"7Server-7.4.AUS:ksh-0:20120801-36.el7_4.x86_64",
"7Server-7.4.AUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"7Server-7.4.E4S:ksh-0:20120801-36.el7_4.ppc64le",
"7Server-7.4.E4S:ksh-0:20120801-36.el7_4.src",
"7Server-7.4.E4S:ksh-0:20120801-36.el7_4.x86_64",
"7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.ppc64le",
"7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"7Server-7.4.TUS:ksh-0:20120801-36.el7_4.src",
"7Server-7.4.TUS:ksh-0:20120801-36.el7_4.x86_64",
"7Server-7.4.TUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-7.4.AUS:ksh-0:20120801-36.el7_4.src",
"7Server-7.4.AUS:ksh-0:20120801-36.el7_4.x86_64",
"7Server-7.4.AUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"7Server-7.4.E4S:ksh-0:20120801-36.el7_4.ppc64le",
"7Server-7.4.E4S:ksh-0:20120801-36.el7_4.src",
"7Server-7.4.E4S:ksh-0:20120801-36.el7_4.x86_64",
"7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.ppc64le",
"7Server-7.4.E4S:ksh-debuginfo-0:20120801-36.el7_4.x86_64",
"7Server-7.4.TUS:ksh-0:20120801-36.el7_4.src",
"7Server-7.4.TUS:ksh-0:20120801-36.el7_4.x86_64",
"7Server-7.4.TUS:ksh-debuginfo-0:20120801-36.el7_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection"
}
]
}
RHSA-2020:1332
Vulnerability from csaf_redhat - Published: 2020-04-06 16:56 - Updated: 2025-11-21 18:13Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.5 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ksh is now available for Red Hat Enterprise Linux 7.5 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "KornShell (ksh) is a Unix shell developed by AT\u0026T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:1332",
"url": "https://access.redhat.com/errata/RHSA-2020:1332"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_1332.json"
}
],
"title": "Red Hat Security Advisory: ksh security update",
"tracking": {
"current_release_date": "2025-11-21T18:13:25+00:00",
"generator": {
"date": "2025-11-21T18:13:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2020:1332",
"initial_release_date": "2020-04-06T16:56:28+00:00",
"revision_history": [
{
"date": "2020-04-06T16:56:28+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-04-06T16:56:28+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:13:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.5::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product": {
"name": "Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-138.el7_5.x86_64",
"product": {
"name": "ksh-0:20120801-138.el7_5.x86_64",
"product_id": "ksh-0:20120801-138.el7_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-138.el7_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-138.el7_5.x86_64",
"product": {
"name": "ksh-debuginfo-0:20120801-138.el7_5.x86_64",
"product_id": "ksh-debuginfo-0:20120801-138.el7_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-138.el7_5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-138.el7_5.src",
"product": {
"name": "ksh-0:20120801-138.el7_5.src",
"product_id": "ksh-0:20120801-138.el7_5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-138.el7_5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-138.el7_5.s390x",
"product": {
"name": "ksh-0:20120801-138.el7_5.s390x",
"product_id": "ksh-0:20120801-138.el7_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-138.el7_5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-138.el7_5.s390x",
"product": {
"name": "ksh-debuginfo-0:20120801-138.el7_5.s390x",
"product_id": "ksh-debuginfo-0:20120801-138.el7_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-138.el7_5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-138.el7_5.ppc64",
"product": {
"name": "ksh-0:20120801-138.el7_5.ppc64",
"product_id": "ksh-0:20120801-138.el7_5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-138.el7_5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"product": {
"name": "ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"product_id": "ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-138.el7_5?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-138.el7_5.ppc64le",
"product": {
"name": "ksh-0:20120801-138.el7_5.ppc64le",
"product_id": "ksh-0:20120801-138.el7_5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-138.el7_5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"product": {
"name": "ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"product_id": "ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-138.el7_5?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-138.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64"
},
"product_reference": "ksh-0:20120801-138.el7_5.ppc64",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-138.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le"
},
"product_reference": "ksh-0:20120801-138.el7_5.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-138.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.s390x"
},
"product_reference": "ksh-0:20120801-138.el7_5.s390x",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-138.el7_5.src as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.src"
},
"product_reference": "ksh-0:20120801-138.el7_5.src",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-138.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64"
},
"product_reference": "ksh-0:20120801-138.el7_5.x86_64",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-138.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-138.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le"
},
"product_reference": "ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-138.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-138.el7_5.s390x",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-138.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-138.el7_5.x86_64",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-138.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64"
},
"product_reference": "ksh-0:20120801-138.el7_5.ppc64",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-138.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le"
},
"product_reference": "ksh-0:20120801-138.el7_5.ppc64le",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-138.el7_5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.s390x"
},
"product_reference": "ksh-0:20120801-138.el7_5.s390x",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-138.el7_5.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.src"
},
"product_reference": "ksh-0:20120801-138.el7_5.src",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-138.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64"
},
"product_reference": "ksh-0:20120801-138.el7_5.x86_64",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-138.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-138.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le"
},
"product_reference": "ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-138.el7_5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-138.el7_5.s390x",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-138.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-138.el7_5.x86_64",
"relates_to_product_reference": "7Server-7.5.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14868",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2019-10-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1757324"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.s390x",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.src",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.s390x",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.src",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14868"
},
{
"category": "external",
"summary": "RHBZ#1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868"
}
],
"release_date": "2019-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-04-06T16:56:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.s390x",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.src",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.s390x",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.src",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:1332"
},
{
"category": "workaround",
"details": "No known mitigation available.",
"product_ids": [
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.s390x",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.src",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.s390x",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.src",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.s390x",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.src",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.s390x",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.src",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection"
}
]
}
RHSA-2020:0559
Vulnerability from csaf_redhat - Published: 2020-02-20 10:19 - Updated: 2025-11-21 18:12Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ksh is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "KornShell (ksh) is a Unix shell developed by AT\u0026T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:0559",
"url": "https://access.redhat.com/errata/RHSA-2020:0559"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0559.json"
}
],
"title": "Red Hat Security Advisory: ksh security update",
"tracking": {
"current_release_date": "2025-11-21T18:12:19+00:00",
"generator": {
"date": "2025-11-21T18:12:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2020:0559",
"initial_release_date": "2020-02-20T10:19:48+00:00",
"revision_history": [
{
"date": "2020-02-20T10:19:48+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-02-20T10:19:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:12:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-253.el8_1.ppc64le",
"product": {
"name": "ksh-0:20120801-253.el8_1.ppc64le",
"product_id": "ksh-0:20120801-253.el8_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-253.el8_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ksh-debugsource-0:20120801-253.el8_1.ppc64le",
"product": {
"name": "ksh-debugsource-0:20120801-253.el8_1.ppc64le",
"product_id": "ksh-debugsource-0:20120801-253.el8_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-253.el8_1.ppc64le",
"product": {
"name": "ksh-debuginfo-0:20120801-253.el8_1.ppc64le",
"product_id": "ksh-debuginfo-0:20120801-253.el8_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-253.el8_1.s390x",
"product": {
"name": "ksh-0:20120801-253.el8_1.s390x",
"product_id": "ksh-0:20120801-253.el8_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-253.el8_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ksh-debugsource-0:20120801-253.el8_1.s390x",
"product": {
"name": "ksh-debugsource-0:20120801-253.el8_1.s390x",
"product_id": "ksh-debugsource-0:20120801-253.el8_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-253.el8_1.s390x",
"product": {
"name": "ksh-debuginfo-0:20120801-253.el8_1.s390x",
"product_id": "ksh-debuginfo-0:20120801-253.el8_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-253.el8_1.x86_64",
"product": {
"name": "ksh-0:20120801-253.el8_1.x86_64",
"product_id": "ksh-0:20120801-253.el8_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-253.el8_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ksh-debugsource-0:20120801-253.el8_1.x86_64",
"product": {
"name": "ksh-debugsource-0:20120801-253.el8_1.x86_64",
"product_id": "ksh-debugsource-0:20120801-253.el8_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-253.el8_1.x86_64",
"product": {
"name": "ksh-debuginfo-0:20120801-253.el8_1.x86_64",
"product_id": "ksh-debuginfo-0:20120801-253.el8_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-253.el8_1.aarch64",
"product": {
"name": "ksh-0:20120801-253.el8_1.aarch64",
"product_id": "ksh-0:20120801-253.el8_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-253.el8_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ksh-debugsource-0:20120801-253.el8_1.aarch64",
"product": {
"name": "ksh-debugsource-0:20120801-253.el8_1.aarch64",
"product_id": "ksh-debugsource-0:20120801-253.el8_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-253.el8_1.aarch64",
"product": {
"name": "ksh-debuginfo-0:20120801-253.el8_1.aarch64",
"product_id": "ksh-debuginfo-0:20120801-253.el8_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-253.el8_1.src",
"product": {
"name": "ksh-0:20120801-253.el8_1.src",
"product_id": "ksh-0:20120801-253.el8_1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-253.el8_1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-253.el8_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.aarch64"
},
"product_reference": "ksh-0:20120801-253.el8_1.aarch64",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-253.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.ppc64le"
},
"product_reference": "ksh-0:20120801-253.el8_1.ppc64le",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-253.el8_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.s390x"
},
"product_reference": "ksh-0:20120801-253.el8_1.s390x",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-253.el8_1.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.src"
},
"product_reference": "ksh-0:20120801-253.el8_1.src",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-253.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.x86_64"
},
"product_reference": "ksh-0:20120801-253.el8_1.x86_64",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-253.el8_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.aarch64"
},
"product_reference": "ksh-debuginfo-0:20120801-253.el8_1.aarch64",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-253.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.ppc64le"
},
"product_reference": "ksh-debuginfo-0:20120801-253.el8_1.ppc64le",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-253.el8_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-253.el8_1.s390x",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-253.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-253.el8_1.x86_64",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debugsource-0:20120801-253.el8_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.aarch64"
},
"product_reference": "ksh-debugsource-0:20120801-253.el8_1.aarch64",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debugsource-0:20120801-253.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.ppc64le"
},
"product_reference": "ksh-debugsource-0:20120801-253.el8_1.ppc64le",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debugsource-0:20120801-253.el8_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.s390x"
},
"product_reference": "ksh-debugsource-0:20120801-253.el8_1.s390x",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debugsource-0:20120801-253.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.x86_64"
},
"product_reference": "ksh-debugsource-0:20120801-253.el8_1.x86_64",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14868",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2019-10-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1757324"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.aarch64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.ppc64le",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.s390x",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.src",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.x86_64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.aarch64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.ppc64le",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.s390x",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.x86_64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.aarch64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.ppc64le",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.s390x",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14868"
},
{
"category": "external",
"summary": "RHBZ#1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868"
}
],
"release_date": "2019-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-20T10:19:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.aarch64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.ppc64le",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.s390x",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.src",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.x86_64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.aarch64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.ppc64le",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.s390x",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.x86_64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.aarch64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.ppc64le",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.s390x",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0559"
},
{
"category": "workaround",
"details": "No known mitigation available.",
"product_ids": [
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.aarch64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.ppc64le",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.s390x",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.src",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.x86_64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.aarch64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.ppc64le",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.s390x",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.x86_64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.aarch64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.ppc64le",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.s390x",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.aarch64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.ppc64le",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.s390x",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.src",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.x86_64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.aarch64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.ppc64le",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.s390x",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.x86_64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.aarch64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.ppc64le",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.s390x",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection"
}
]
}
RHSA-2020:0568
Vulnerability from csaf_redhat - Published: 2020-02-24 09:05 - Updated: 2025-11-21 18:12Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ksh is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "KornShell (ksh) is a Unix shell developed by AT\u0026T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:0568",
"url": "https://access.redhat.com/errata/RHSA-2020:0568"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0568.json"
}
],
"title": "Red Hat Security Advisory: ksh security update",
"tracking": {
"current_release_date": "2025-11-21T18:12:21+00:00",
"generator": {
"date": "2025-11-21T18:12:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2020:0568",
"initial_release_date": "2020-02-24T09:05:27+00:00",
"revision_history": [
{
"date": "2020-02-24T09:05:27+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-02-24T09:05:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:12:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-140.el7_7.x86_64",
"product": {
"name": "ksh-0:20120801-140.el7_7.x86_64",
"product_id": "ksh-0:20120801-140.el7_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-140.el7_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"product": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"product_id": "ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-140.el7_7.src",
"product": {
"name": "ksh-0:20120801-140.el7_7.src",
"product_id": "ksh-0:20120801-140.el7_7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-140.el7_7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-140.el7_7.s390x",
"product": {
"name": "ksh-0:20120801-140.el7_7.s390x",
"product_id": "ksh-0:20120801-140.el7_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-140.el7_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-140.el7_7.s390x",
"product": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.s390x",
"product_id": "ksh-debuginfo-0:20120801-140.el7_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-140.el7_7.ppc64",
"product": {
"name": "ksh-0:20120801-140.el7_7.ppc64",
"product_id": "ksh-0:20120801-140.el7_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-140.el7_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"product": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"product_id": "ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_7?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-140.el7_7.ppc64le",
"product": {
"name": "ksh-0:20120801-140.el7_7.ppc64le",
"product_id": "ksh-0:20120801-140.el7_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-140.el7_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"product": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"product_id": "ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64"
},
"product_reference": "ksh-0:20120801-140.el7_7.ppc64",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le"
},
"product_reference": "ksh-0:20120801-140.el7_7.ppc64le",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:ksh-0:20120801-140.el7_7.s390x"
},
"product_reference": "ksh-0:20120801-140.el7_7.s390x",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:ksh-0:20120801-140.el7_7.src"
},
"product_reference": "ksh-0:20120801-140.el7_7.src",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:ksh-0:20120801-140.el7_7.x86_64"
},
"product_reference": "ksh-0:20120801-140.el7_7.x86_64",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.s390x",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64"
},
"product_reference": "ksh-0:20120801-140.el7_7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le"
},
"product_reference": "ksh-0:20120801-140.el7_7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.s390x"
},
"product_reference": "ksh-0:20120801-140.el7_7.s390x",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.src"
},
"product_reference": "ksh-0:20120801-140.el7_7.src",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.x86_64"
},
"product_reference": "ksh-0:20120801-140.el7_7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.s390x",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64"
},
"product_reference": "ksh-0:20120801-140.el7_7.ppc64",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le"
},
"product_reference": "ksh-0:20120801-140.el7_7.ppc64le",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:ksh-0:20120801-140.el7_7.s390x"
},
"product_reference": "ksh-0:20120801-140.el7_7.s390x",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:ksh-0:20120801-140.el7_7.src"
},
"product_reference": "ksh-0:20120801-140.el7_7.src",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:ksh-0:20120801-140.el7_7.x86_64"
},
"product_reference": "ksh-0:20120801-140.el7_7.x86_64",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.s390x",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64"
},
"product_reference": "ksh-0:20120801-140.el7_7.ppc64",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le"
},
"product_reference": "ksh-0:20120801-140.el7_7.ppc64le",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.s390x"
},
"product_reference": "ksh-0:20120801-140.el7_7.s390x",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.src"
},
"product_reference": "ksh-0:20120801-140.el7_7.src",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.x86_64"
},
"product_reference": "ksh-0:20120801-140.el7_7.x86_64",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.s390x",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"relates_to_product_reference": "7Workstation-7.7.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14868",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2019-10-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1757324"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14868"
},
{
"category": "external",
"summary": "RHBZ#1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868"
}
],
"release_date": "2019-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-24T09:05:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0568"
},
{
"category": "workaround",
"details": "No known mitigation available.",
"product_ids": [
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7Client-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7Client-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7ComputeNode-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7ComputeNode-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7Server-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7Server-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.ppc64le",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.s390x",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.src",
"7Workstation-7.7.Z:ksh-0:20120801-140.el7_7.x86_64",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.ppc64le",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.s390x",
"7Workstation-7.7.Z:ksh-debuginfo-0:20120801-140.el7_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection"
}
]
}
RHSA-2020:1333
Vulnerability from csaf_redhat - Published: 2020-04-06 17:33 - Updated: 2025-11-21 18:13Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ksh is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "KornShell (ksh) is a Unix shell developed by AT\u0026T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:1333",
"url": "https://access.redhat.com/errata/RHSA-2020:1333"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_1333.json"
}
],
"title": "Red Hat Security Advisory: ksh security update",
"tracking": {
"current_release_date": "2025-11-21T18:13:25+00:00",
"generator": {
"date": "2025-11-21T18:13:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2020:1333",
"initial_release_date": "2020-04-06T17:33:52+00:00",
"revision_history": [
{
"date": "2020-04-06T17:33:52+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-04-06T17:33:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:13:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product": {
"name": "Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.6::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-140.el7_6.s390x",
"product": {
"name": "ksh-0:20120801-140.el7_6.s390x",
"product_id": "ksh-0:20120801-140.el7_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-140.el7_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-140.el7_6.s390x",
"product": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.s390x",
"product_id": "ksh-debuginfo-0:20120801-140.el7_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-140.el7_6.ppc64le",
"product": {
"name": "ksh-0:20120801-140.el7_6.ppc64le",
"product_id": "ksh-0:20120801-140.el7_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-140.el7_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"product": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"product_id": "ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_6?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-140.el7_6.src",
"product": {
"name": "ksh-0:20120801-140.el7_6.src",
"product_id": "ksh-0:20120801-140.el7_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-140.el7_6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-140.el7_6.x86_64",
"product": {
"name": "ksh-0:20120801-140.el7_6.x86_64",
"product_id": "ksh-0:20120801-140.el7_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-140.el7_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"product": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"product_id": "ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-140.el7_6.ppc64",
"product": {
"name": "ksh-0:20120801-140.el7_6.ppc64",
"product_id": "ksh-0:20120801-140.el7_6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-140.el7_6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"product": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"product_id": "ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_6?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64"
},
"product_reference": "ksh-0:20120801-140.el7_6.ppc64",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le"
},
"product_reference": "ksh-0:20120801-140.el7_6.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.s390x"
},
"product_reference": "ksh-0:20120801-140.el7_6.s390x",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.src as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.src"
},
"product_reference": "ksh-0:20120801-140.el7_6.src",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64"
},
"product_reference": "ksh-0:20120801-140.el7_6.x86_64",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_6.s390x",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64"
},
"product_reference": "ksh-0:20120801-140.el7_6.ppc64",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le"
},
"product_reference": "ksh-0:20120801-140.el7_6.ppc64le",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.s390x"
},
"product_reference": "ksh-0:20120801-140.el7_6.s390x",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.src"
},
"product_reference": "ksh-0:20120801-140.el7_6.src",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64"
},
"product_reference": "ksh-0:20120801-140.el7_6.x86_64",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_6.s390x",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64"
},
"product_reference": "ksh-0:20120801-140.el7_6.ppc64",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64le"
},
"product_reference": "ksh-0:20120801-140.el7_6.ppc64le",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.s390x"
},
"product_reference": "ksh-0:20120801-140.el7_6.s390x",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.src"
},
"product_reference": "ksh-0:20120801-140.el7_6.src",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.x86_64"
},
"product_reference": "ksh-0:20120801-140.el7_6.x86_64",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_6.s390x",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14868",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2019-10-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1757324"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.s390x",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.src",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.s390x",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.src",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.s390x",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.src",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.x86_64",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14868"
},
{
"category": "external",
"summary": "RHBZ#1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868"
}
],
"release_date": "2019-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-04-06T17:33:52+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.s390x",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.src",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.s390x",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.src",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.s390x",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.src",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.x86_64",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:1333"
},
{
"category": "workaround",
"details": "No known mitigation available.",
"product_ids": [
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.s390x",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.src",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.s390x",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.src",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.s390x",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.src",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.x86_64",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.s390x",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.src",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.s390x",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.src",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.s390x",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.src",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.x86_64",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection"
}
]
}
RHSA-2020:0431
Vulnerability from csaf_redhat - Published: 2020-02-05 12:15 - Updated: 2025-11-21 18:12Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ksh is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "KornShell (ksh) is a Unix shell developed by AT\u0026T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:0431",
"url": "https://access.redhat.com/errata/RHSA-2020:0431"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0431.json"
}
],
"title": "Red Hat Security Advisory: ksh security update",
"tracking": {
"current_release_date": "2025-11-21T18:12:09+00:00",
"generator": {
"date": "2025-11-21T18:12:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2020:0431",
"initial_release_date": "2020-02-05T12:15:54+00:00",
"revision_history": [
{
"date": "2020-02-05T12:15:54+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-02-05T12:15:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:12:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:8.0::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-253.el8_0.ppc64le",
"product": {
"name": "ksh-0:20120801-253.el8_0.ppc64le",
"product_id": "ksh-0:20120801-253.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-253.el8_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ksh-debugsource-0:20120801-253.el8_0.ppc64le",
"product": {
"name": "ksh-debugsource-0:20120801-253.el8_0.ppc64le",
"product_id": "ksh-debugsource-0:20120801-253.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-253.el8_0.ppc64le",
"product": {
"name": "ksh-debuginfo-0:20120801-253.el8_0.ppc64le",
"product_id": "ksh-debuginfo-0:20120801-253.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_0?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-253.el8_0.x86_64",
"product": {
"name": "ksh-0:20120801-253.el8_0.x86_64",
"product_id": "ksh-0:20120801-253.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-253.el8_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ksh-debugsource-0:20120801-253.el8_0.x86_64",
"product": {
"name": "ksh-debugsource-0:20120801-253.el8_0.x86_64",
"product_id": "ksh-debugsource-0:20120801-253.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-253.el8_0.x86_64",
"product": {
"name": "ksh-debuginfo-0:20120801-253.el8_0.x86_64",
"product_id": "ksh-debuginfo-0:20120801-253.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_0?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-253.el8_0.src",
"product": {
"name": "ksh-0:20120801-253.el8_0.src",
"product_id": "ksh-0:20120801-253.el8_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-253.el8_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-253.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.ppc64le"
},
"product_reference": "ksh-0:20120801-253.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-253.el8_0.src as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.src"
},
"product_reference": "ksh-0:20120801-253.el8_0.src",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-253.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.x86_64"
},
"product_reference": "ksh-0:20120801-253.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-253.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.ppc64le"
},
"product_reference": "ksh-debuginfo-0:20120801-253.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-253.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-253.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debugsource-0:20120801-253.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.ppc64le"
},
"product_reference": "ksh-debugsource-0:20120801-253.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debugsource-0:20120801-253.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.x86_64"
},
"product_reference": "ksh-debugsource-0:20120801-253.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14868",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2019-10-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1757324"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.src",
"AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14868"
},
{
"category": "external",
"summary": "RHBZ#1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868"
}
],
"release_date": "2019-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-05T12:15:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.src",
"AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0431"
},
{
"category": "workaround",
"details": "No known mitigation available.",
"product_ids": [
"AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.src",
"AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.src",
"AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection"
}
]
}
RHSA-2020:0515
Vulnerability from csaf_redhat - Published: 2020-02-17 09:03 - Updated: 2025-11-21 18:12Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ksh is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "KornShell (ksh) is a Unix shell developed by AT\u0026T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:0515",
"url": "https://access.redhat.com/errata/RHSA-2020:0515"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0515.json"
}
],
"title": "Red Hat Security Advisory: ksh security update",
"tracking": {
"current_release_date": "2025-11-21T18:12:14+00:00",
"generator": {
"date": "2025-11-21T18:12:14+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2020:0515",
"initial_release_date": "2020-02-17T09:03:47+00:00",
"revision_history": [
{
"date": "2020-02-17T09:03:47+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-02-17T09:03:47+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:12:14+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.10.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-38.el6_10.i686",
"product": {
"name": "ksh-0:20120801-38.el6_10.i686",
"product_id": "ksh-0:20120801-38.el6_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-38.el6_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-38.el6_10.i686",
"product": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.i686",
"product_id": "ksh-debuginfo-0:20120801-38.el6_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-38.el6_10?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-38.el6_10.x86_64",
"product": {
"name": "ksh-0:20120801-38.el6_10.x86_64",
"product_id": "ksh-0:20120801-38.el6_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-38.el6_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"product": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"product_id": "ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-38.el6_10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-38.el6_10.src",
"product": {
"name": "ksh-0:20120801-38.el6_10.src",
"product_id": "ksh-0:20120801-38.el6_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-38.el6_10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-38.el6_10.s390x",
"product": {
"name": "ksh-0:20120801-38.el6_10.s390x",
"product_id": "ksh-0:20120801-38.el6_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-38.el6_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-38.el6_10.s390x",
"product": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.s390x",
"product_id": "ksh-debuginfo-0:20120801-38.el6_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-38.el6_10?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-38.el6_10.ppc64",
"product": {
"name": "ksh-0:20120801-38.el6_10.ppc64",
"product_id": "ksh-0:20120801-38.el6_10.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-38.el6_10?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"product": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"product_id": "ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-38.el6_10?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:ksh-0:20120801-38.el6_10.i686"
},
"product_reference": "ksh-0:20120801-38.el6_10.i686",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:ksh-0:20120801-38.el6_10.ppc64"
},
"product_reference": "ksh-0:20120801-38.el6_10.ppc64",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:ksh-0:20120801-38.el6_10.s390x"
},
"product_reference": "ksh-0:20120801-38.el6_10.s390x",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:ksh-0:20120801-38.el6_10.src"
},
"product_reference": "ksh-0:20120801-38.el6_10.src",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:ksh-0:20120801-38.el6_10.x86_64"
},
"product_reference": "ksh-0:20120801-38.el6_10.x86_64",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.i686",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.s390x",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.i686"
},
"product_reference": "ksh-0:20120801-38.el6_10.i686",
"relates_to_product_reference": "6ComputeNode-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.ppc64"
},
"product_reference": "ksh-0:20120801-38.el6_10.ppc64",
"relates_to_product_reference": "6ComputeNode-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.s390x"
},
"product_reference": "ksh-0:20120801-38.el6_10.s390x",
"relates_to_product_reference": "6ComputeNode-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.src"
},
"product_reference": "ksh-0:20120801-38.el6_10.src",
"relates_to_product_reference": "6ComputeNode-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.x86_64"
},
"product_reference": "ksh-0:20120801-38.el6_10.x86_64",
"relates_to_product_reference": "6ComputeNode-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.i686",
"relates_to_product_reference": "6ComputeNode-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"relates_to_product_reference": "6ComputeNode-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.s390x",
"relates_to_product_reference": "6ComputeNode-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"relates_to_product_reference": "6ComputeNode-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:ksh-0:20120801-38.el6_10.i686"
},
"product_reference": "ksh-0:20120801-38.el6_10.i686",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:ksh-0:20120801-38.el6_10.ppc64"
},
"product_reference": "ksh-0:20120801-38.el6_10.ppc64",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:ksh-0:20120801-38.el6_10.s390x"
},
"product_reference": "ksh-0:20120801-38.el6_10.s390x",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:ksh-0:20120801-38.el6_10.src"
},
"product_reference": "ksh-0:20120801-38.el6_10.src",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:ksh-0:20120801-38.el6_10.x86_64"
},
"product_reference": "ksh-0:20120801-38.el6_10.x86_64",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.i686",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.s390x",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.i686"
},
"product_reference": "ksh-0:20120801-38.el6_10.i686",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.ppc64"
},
"product_reference": "ksh-0:20120801-38.el6_10.ppc64",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.s390x"
},
"product_reference": "ksh-0:20120801-38.el6_10.s390x",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.src"
},
"product_reference": "ksh-0:20120801-38.el6_10.src",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:ksh-0:20120801-38.el6_10.x86_64"
},
"product_reference": "ksh-0:20120801-38.el6_10.x86_64",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.i686",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.s390x",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-38.el6_10.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"relates_to_product_reference": "6Workstation-6.10.z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14868",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2019-10-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1757324"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.src",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.src",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.src",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.src",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14868"
},
{
"category": "external",
"summary": "RHBZ#1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868"
}
],
"release_date": "2019-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-17T09:03:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.src",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.src",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.src",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.src",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0515"
},
{
"category": "workaround",
"details": "No known mitigation available.",
"product_ids": [
"6Client-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.src",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.src",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.src",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.src",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Client-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.src",
"6Client-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6Client-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.src",
"6ComputeNode-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6ComputeNode-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.src",
"6Server-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6Server-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.i686",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.ppc64",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.s390x",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.src",
"6Workstation-6.10.z:ksh-0:20120801-38.el6_10.x86_64",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.i686",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.ppc64",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.s390x",
"6Workstation-6.10.z:ksh-debuginfo-0:20120801-38.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection"
}
]
}
RHSA-2020_5352
Vulnerability from csaf_redhat - Published: 2020-12-07 11:06 - Updated: 2024-11-22 14:26Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ksh is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "KornShell (ksh) is a Unix shell developed by AT\u0026T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:5352",
"url": "https://access.redhat.com/errata/RHSA-2020:5352"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5352.json"
}
],
"title": "Red Hat Security Advisory: ksh security update",
"tracking": {
"current_release_date": "2024-11-22T14:26:15+00:00",
"generator": {
"date": "2024-11-22T14:26:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2020:5352",
"initial_release_date": "2020-12-07T11:06:38+00:00",
"revision_history": [
{
"date": "2020-12-07T11:06:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-12-07T11:06:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T14:26:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server AUS (v. 7.2)",
"product": {
"name": "Red Hat Enterprise Linux Server AUS (v. 7.2)",
"product_id": "7Server-7.2.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:7.2::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-26.el7_2.x86_64",
"product": {
"name": "ksh-0:20120801-26.el7_2.x86_64",
"product_id": "ksh-0:20120801-26.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-26.el7_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-26.el7_2.x86_64",
"product": {
"name": "ksh-debuginfo-0:20120801-26.el7_2.x86_64",
"product_id": "ksh-debuginfo-0:20120801-26.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-26.el7_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-26.el7_2.src",
"product": {
"name": "ksh-0:20120801-26.el7_2.src",
"product_id": "ksh-0:20120801-26.el7_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-26.el7_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-26.el7_2.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)",
"product_id": "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.src"
},
"product_reference": "ksh-0:20120801-26.el7_2.src",
"relates_to_product_reference": "7Server-7.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-26.el7_2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)",
"product_id": "7Server-7.2.AUS:ksh-0:20120801-26.el7_2.x86_64"
},
"product_reference": "ksh-0:20120801-26.el7_2.x86_64",
"relates_to_product_reference": "7Server-7.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-26.el7_2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)",
"product_id": "7Server-7.2.AUS:ksh-debuginfo-0:20120801-26.el7_2.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-26.el7_2.x86_64",
"relates_to_product_reference": "7Server-7.2.AUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14868",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2019-10-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1757324"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.2.AUS:ksh-0:20120801-26.el7_2.src",
"7Server-7.2.AUS:ksh-0:20120801-26.el7_2.x86_64",
"7Server-7.2.AUS:ksh-debuginfo-0:20120801-26.el7_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14868"
},
{
"category": "external",
"summary": "RHBZ#1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868"
}
],
"release_date": "2019-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-07T11:06:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.2.AUS:ksh-0:20120801-26.el7_2.src",
"7Server-7.2.AUS:ksh-0:20120801-26.el7_2.x86_64",
"7Server-7.2.AUS:ksh-debuginfo-0:20120801-26.el7_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5352"
},
{
"category": "workaround",
"details": "No known mitigation available.",
"product_ids": [
"7Server-7.2.AUS:ksh-0:20120801-26.el7_2.src",
"7Server-7.2.AUS:ksh-0:20120801-26.el7_2.x86_64",
"7Server-7.2.AUS:ksh-debuginfo-0:20120801-26.el7_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-7.2.AUS:ksh-0:20120801-26.el7_2.src",
"7Server-7.2.AUS:ksh-0:20120801-26.el7_2.x86_64",
"7Server-7.2.AUS:ksh-debuginfo-0:20120801-26.el7_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection"
}
]
}
RHSA-2020_0559
Vulnerability from csaf_redhat - Published: 2020-02-20 10:19 - Updated: 2024-11-22 14:25Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ksh is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "KornShell (ksh) is a Unix shell developed by AT\u0026T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:0559",
"url": "https://access.redhat.com/errata/RHSA-2020:0559"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0559.json"
}
],
"title": "Red Hat Security Advisory: ksh security update",
"tracking": {
"current_release_date": "2024-11-22T14:25:32+00:00",
"generator": {
"date": "2024-11-22T14:25:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2020:0559",
"initial_release_date": "2020-02-20T10:19:48+00:00",
"revision_history": [
{
"date": "2020-02-20T10:19:48+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-02-20T10:19:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T14:25:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-253.el8_1.ppc64le",
"product": {
"name": "ksh-0:20120801-253.el8_1.ppc64le",
"product_id": "ksh-0:20120801-253.el8_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-253.el8_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ksh-debugsource-0:20120801-253.el8_1.ppc64le",
"product": {
"name": "ksh-debugsource-0:20120801-253.el8_1.ppc64le",
"product_id": "ksh-debugsource-0:20120801-253.el8_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-253.el8_1.ppc64le",
"product": {
"name": "ksh-debuginfo-0:20120801-253.el8_1.ppc64le",
"product_id": "ksh-debuginfo-0:20120801-253.el8_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-253.el8_1.s390x",
"product": {
"name": "ksh-0:20120801-253.el8_1.s390x",
"product_id": "ksh-0:20120801-253.el8_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-253.el8_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ksh-debugsource-0:20120801-253.el8_1.s390x",
"product": {
"name": "ksh-debugsource-0:20120801-253.el8_1.s390x",
"product_id": "ksh-debugsource-0:20120801-253.el8_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-253.el8_1.s390x",
"product": {
"name": "ksh-debuginfo-0:20120801-253.el8_1.s390x",
"product_id": "ksh-debuginfo-0:20120801-253.el8_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-253.el8_1.x86_64",
"product": {
"name": "ksh-0:20120801-253.el8_1.x86_64",
"product_id": "ksh-0:20120801-253.el8_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-253.el8_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ksh-debugsource-0:20120801-253.el8_1.x86_64",
"product": {
"name": "ksh-debugsource-0:20120801-253.el8_1.x86_64",
"product_id": "ksh-debugsource-0:20120801-253.el8_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-253.el8_1.x86_64",
"product": {
"name": "ksh-debuginfo-0:20120801-253.el8_1.x86_64",
"product_id": "ksh-debuginfo-0:20120801-253.el8_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-253.el8_1.aarch64",
"product": {
"name": "ksh-0:20120801-253.el8_1.aarch64",
"product_id": "ksh-0:20120801-253.el8_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-253.el8_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ksh-debugsource-0:20120801-253.el8_1.aarch64",
"product": {
"name": "ksh-debugsource-0:20120801-253.el8_1.aarch64",
"product_id": "ksh-debugsource-0:20120801-253.el8_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-253.el8_1.aarch64",
"product": {
"name": "ksh-debuginfo-0:20120801-253.el8_1.aarch64",
"product_id": "ksh-debuginfo-0:20120801-253.el8_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-253.el8_1.src",
"product": {
"name": "ksh-0:20120801-253.el8_1.src",
"product_id": "ksh-0:20120801-253.el8_1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-253.el8_1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-253.el8_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.aarch64"
},
"product_reference": "ksh-0:20120801-253.el8_1.aarch64",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-253.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.ppc64le"
},
"product_reference": "ksh-0:20120801-253.el8_1.ppc64le",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-253.el8_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.s390x"
},
"product_reference": "ksh-0:20120801-253.el8_1.s390x",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-253.el8_1.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.src"
},
"product_reference": "ksh-0:20120801-253.el8_1.src",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-253.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.x86_64"
},
"product_reference": "ksh-0:20120801-253.el8_1.x86_64",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-253.el8_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.aarch64"
},
"product_reference": "ksh-debuginfo-0:20120801-253.el8_1.aarch64",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-253.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.ppc64le"
},
"product_reference": "ksh-debuginfo-0:20120801-253.el8_1.ppc64le",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-253.el8_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-253.el8_1.s390x",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-253.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-253.el8_1.x86_64",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debugsource-0:20120801-253.el8_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.aarch64"
},
"product_reference": "ksh-debugsource-0:20120801-253.el8_1.aarch64",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debugsource-0:20120801-253.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.ppc64le"
},
"product_reference": "ksh-debugsource-0:20120801-253.el8_1.ppc64le",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debugsource-0:20120801-253.el8_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.s390x"
},
"product_reference": "ksh-debugsource-0:20120801-253.el8_1.s390x",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debugsource-0:20120801-253.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.x86_64"
},
"product_reference": "ksh-debugsource-0:20120801-253.el8_1.x86_64",
"relates_to_product_reference": "AppStream-8.1.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14868",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2019-10-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1757324"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.aarch64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.ppc64le",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.s390x",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.src",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.x86_64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.aarch64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.ppc64le",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.s390x",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.x86_64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.aarch64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.ppc64le",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.s390x",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14868"
},
{
"category": "external",
"summary": "RHBZ#1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868"
}
],
"release_date": "2019-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-20T10:19:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.aarch64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.ppc64le",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.s390x",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.src",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.x86_64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.aarch64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.ppc64le",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.s390x",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.x86_64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.aarch64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.ppc64le",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.s390x",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0559"
},
{
"category": "workaround",
"details": "No known mitigation available.",
"product_ids": [
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.aarch64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.ppc64le",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.s390x",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.src",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.x86_64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.aarch64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.ppc64le",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.s390x",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.x86_64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.aarch64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.ppc64le",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.s390x",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.aarch64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.ppc64le",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.s390x",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.src",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-0:20120801-253.el8_1.x86_64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.aarch64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.ppc64le",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.s390x",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debuginfo-0:20120801-253.el8_1.x86_64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.aarch64",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.ppc64le",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.s390x",
"AppStream-8.1.0.Z.MAIN.EUS:ksh-debugsource-0:20120801-253.el8_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection"
}
]
}
RHSA-2020_1332
Vulnerability from csaf_redhat - Published: 2020-04-06 16:56 - Updated: 2024-11-22 14:25Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.5 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ksh is now available for Red Hat Enterprise Linux 7.5 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "KornShell (ksh) is a Unix shell developed by AT\u0026T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:1332",
"url": "https://access.redhat.com/errata/RHSA-2020:1332"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_1332.json"
}
],
"title": "Red Hat Security Advisory: ksh security update",
"tracking": {
"current_release_date": "2024-11-22T14:25:53+00:00",
"generator": {
"date": "2024-11-22T14:25:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2020:1332",
"initial_release_date": "2020-04-06T16:56:28+00:00",
"revision_history": [
{
"date": "2020-04-06T16:56:28+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-04-06T16:56:28+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T14:25:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.5::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product": {
"name": "Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-138.el7_5.x86_64",
"product": {
"name": "ksh-0:20120801-138.el7_5.x86_64",
"product_id": "ksh-0:20120801-138.el7_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-138.el7_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-138.el7_5.x86_64",
"product": {
"name": "ksh-debuginfo-0:20120801-138.el7_5.x86_64",
"product_id": "ksh-debuginfo-0:20120801-138.el7_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-138.el7_5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-138.el7_5.src",
"product": {
"name": "ksh-0:20120801-138.el7_5.src",
"product_id": "ksh-0:20120801-138.el7_5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-138.el7_5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-138.el7_5.s390x",
"product": {
"name": "ksh-0:20120801-138.el7_5.s390x",
"product_id": "ksh-0:20120801-138.el7_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-138.el7_5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-138.el7_5.s390x",
"product": {
"name": "ksh-debuginfo-0:20120801-138.el7_5.s390x",
"product_id": "ksh-debuginfo-0:20120801-138.el7_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-138.el7_5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-138.el7_5.ppc64",
"product": {
"name": "ksh-0:20120801-138.el7_5.ppc64",
"product_id": "ksh-0:20120801-138.el7_5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-138.el7_5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"product": {
"name": "ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"product_id": "ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-138.el7_5?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-138.el7_5.ppc64le",
"product": {
"name": "ksh-0:20120801-138.el7_5.ppc64le",
"product_id": "ksh-0:20120801-138.el7_5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-138.el7_5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"product": {
"name": "ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"product_id": "ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-138.el7_5?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-138.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64"
},
"product_reference": "ksh-0:20120801-138.el7_5.ppc64",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-138.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le"
},
"product_reference": "ksh-0:20120801-138.el7_5.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-138.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.s390x"
},
"product_reference": "ksh-0:20120801-138.el7_5.s390x",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-138.el7_5.src as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.src"
},
"product_reference": "ksh-0:20120801-138.el7_5.src",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-138.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64"
},
"product_reference": "ksh-0:20120801-138.el7_5.x86_64",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-138.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-138.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le"
},
"product_reference": "ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-138.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-138.el7_5.s390x",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-138.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-138.el7_5.x86_64",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-138.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64"
},
"product_reference": "ksh-0:20120801-138.el7_5.ppc64",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-138.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le"
},
"product_reference": "ksh-0:20120801-138.el7_5.ppc64le",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-138.el7_5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.s390x"
},
"product_reference": "ksh-0:20120801-138.el7_5.s390x",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-138.el7_5.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.src"
},
"product_reference": "ksh-0:20120801-138.el7_5.src",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-138.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64"
},
"product_reference": "ksh-0:20120801-138.el7_5.x86_64",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-138.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-138.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le"
},
"product_reference": "ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-138.el7_5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-138.el7_5.s390x",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-138.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-138.el7_5.x86_64",
"relates_to_product_reference": "7Server-7.5.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14868",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2019-10-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1757324"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.s390x",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.src",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.s390x",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.src",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14868"
},
{
"category": "external",
"summary": "RHBZ#1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868"
}
],
"release_date": "2019-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-04-06T16:56:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.s390x",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.src",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.s390x",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.src",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:1332"
},
{
"category": "workaround",
"details": "No known mitigation available.",
"product_ids": [
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.s390x",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.src",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.s390x",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.src",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.s390x",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.src",
"7ComputeNode-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x",
"7ComputeNode-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.ppc64le",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.s390x",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.src",
"7Server-7.5.EUS:ksh-0:20120801-138.el7_5.x86_64",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.ppc64le",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.s390x",
"7Server-7.5.EUS:ksh-debuginfo-0:20120801-138.el7_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection"
}
]
}
RHSA-2020_0431
Vulnerability from csaf_redhat - Published: 2020-02-05 12:15 - Updated: 2024-11-22 14:25Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ksh is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "KornShell (ksh) is a Unix shell developed by AT\u0026T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:0431",
"url": "https://access.redhat.com/errata/RHSA-2020:0431"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0431.json"
}
],
"title": "Red Hat Security Advisory: ksh security update",
"tracking": {
"current_release_date": "2024-11-22T14:25:17+00:00",
"generator": {
"date": "2024-11-22T14:25:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2020:0431",
"initial_release_date": "2020-02-05T12:15:54+00:00",
"revision_history": [
{
"date": "2020-02-05T12:15:54+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-02-05T12:15:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T14:25:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:8.0::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-253.el8_0.ppc64le",
"product": {
"name": "ksh-0:20120801-253.el8_0.ppc64le",
"product_id": "ksh-0:20120801-253.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-253.el8_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ksh-debugsource-0:20120801-253.el8_0.ppc64le",
"product": {
"name": "ksh-debugsource-0:20120801-253.el8_0.ppc64le",
"product_id": "ksh-debugsource-0:20120801-253.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-253.el8_0.ppc64le",
"product": {
"name": "ksh-debuginfo-0:20120801-253.el8_0.ppc64le",
"product_id": "ksh-debuginfo-0:20120801-253.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_0?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-253.el8_0.x86_64",
"product": {
"name": "ksh-0:20120801-253.el8_0.x86_64",
"product_id": "ksh-0:20120801-253.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-253.el8_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ksh-debugsource-0:20120801-253.el8_0.x86_64",
"product": {
"name": "ksh-debugsource-0:20120801-253.el8_0.x86_64",
"product_id": "ksh-debugsource-0:20120801-253.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debugsource@20120801-253.el8_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-253.el8_0.x86_64",
"product": {
"name": "ksh-debuginfo-0:20120801-253.el8_0.x86_64",
"product_id": "ksh-debuginfo-0:20120801-253.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-253.el8_0?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-253.el8_0.src",
"product": {
"name": "ksh-0:20120801-253.el8_0.src",
"product_id": "ksh-0:20120801-253.el8_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-253.el8_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-253.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.ppc64le"
},
"product_reference": "ksh-0:20120801-253.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-253.el8_0.src as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.src"
},
"product_reference": "ksh-0:20120801-253.el8_0.src",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-253.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.x86_64"
},
"product_reference": "ksh-0:20120801-253.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-253.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.ppc64le"
},
"product_reference": "ksh-debuginfo-0:20120801-253.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-253.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-253.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debugsource-0:20120801-253.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.ppc64le"
},
"product_reference": "ksh-debugsource-0:20120801-253.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debugsource-0:20120801-253.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.x86_64"
},
"product_reference": "ksh-debugsource-0:20120801-253.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14868",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2019-10-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1757324"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.src",
"AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14868"
},
{
"category": "external",
"summary": "RHBZ#1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868"
}
],
"release_date": "2019-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-05T12:15:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.src",
"AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0431"
},
{
"category": "workaround",
"details": "No known mitigation available.",
"product_ids": [
"AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.src",
"AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.src",
"AppStream-8.0.0.Z.E4S:ksh-0:20120801-253.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:ksh-debuginfo-0:20120801-253.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:ksh-debugsource-0:20120801-253.el8_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection"
}
]
}
RHSA-2020_1333
Vulnerability from csaf_redhat - Published: 2020-04-06 17:33 - Updated: 2024-11-22 14:25Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ksh is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "KornShell (ksh) is a Unix shell developed by AT\u0026T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:1333",
"url": "https://access.redhat.com/errata/RHSA-2020:1333"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_1333.json"
}
],
"title": "Red Hat Security Advisory: ksh security update",
"tracking": {
"current_release_date": "2024-11-22T14:25:46+00:00",
"generator": {
"date": "2024-11-22T14:25:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2020:1333",
"initial_release_date": "2020-04-06T17:33:52+00:00",
"revision_history": [
{
"date": "2020-04-06T17:33:52+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-04-06T17:33:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T14:25:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product": {
"name": "Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.6::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-140.el7_6.s390x",
"product": {
"name": "ksh-0:20120801-140.el7_6.s390x",
"product_id": "ksh-0:20120801-140.el7_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-140.el7_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-140.el7_6.s390x",
"product": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.s390x",
"product_id": "ksh-debuginfo-0:20120801-140.el7_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-140.el7_6.ppc64le",
"product": {
"name": "ksh-0:20120801-140.el7_6.ppc64le",
"product_id": "ksh-0:20120801-140.el7_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-140.el7_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"product": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"product_id": "ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_6?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-140.el7_6.src",
"product": {
"name": "ksh-0:20120801-140.el7_6.src",
"product_id": "ksh-0:20120801-140.el7_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-140.el7_6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-140.el7_6.x86_64",
"product": {
"name": "ksh-0:20120801-140.el7_6.x86_64",
"product_id": "ksh-0:20120801-140.el7_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-140.el7_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"product": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"product_id": "ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-140.el7_6.ppc64",
"product": {
"name": "ksh-0:20120801-140.el7_6.ppc64",
"product_id": "ksh-0:20120801-140.el7_6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-140.el7_6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"product": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"product_id": "ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-140.el7_6?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64"
},
"product_reference": "ksh-0:20120801-140.el7_6.ppc64",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le"
},
"product_reference": "ksh-0:20120801-140.el7_6.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.s390x"
},
"product_reference": "ksh-0:20120801-140.el7_6.s390x",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.src as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.src"
},
"product_reference": "ksh-0:20120801-140.el7_6.src",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64"
},
"product_reference": "ksh-0:20120801-140.el7_6.x86_64",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_6.s390x",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64"
},
"product_reference": "ksh-0:20120801-140.el7_6.ppc64",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le"
},
"product_reference": "ksh-0:20120801-140.el7_6.ppc64le",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.s390x"
},
"product_reference": "ksh-0:20120801-140.el7_6.s390x",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.src"
},
"product_reference": "ksh-0:20120801-140.el7_6.src",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64"
},
"product_reference": "ksh-0:20120801-140.el7_6.x86_64",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_6.s390x",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64"
},
"product_reference": "ksh-0:20120801-140.el7_6.ppc64",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64le"
},
"product_reference": "ksh-0:20120801-140.el7_6.ppc64le",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.s390x"
},
"product_reference": "ksh-0:20120801-140.el7_6.s390x",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.src"
},
"product_reference": "ksh-0:20120801-140.el7_6.src",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.x86_64"
},
"product_reference": "ksh-0:20120801-140.el7_6.x86_64",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_6.s390x",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-140.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14868",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2019-10-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1757324"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.s390x",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.src",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.s390x",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.src",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.s390x",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.src",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.x86_64",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14868"
},
{
"category": "external",
"summary": "RHBZ#1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868"
}
],
"release_date": "2019-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-04-06T17:33:52+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.s390x",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.src",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.s390x",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.src",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.s390x",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.src",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.x86_64",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:1333"
},
{
"category": "workaround",
"details": "No known mitigation available.",
"product_ids": [
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.s390x",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.src",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.s390x",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.src",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.s390x",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.src",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.x86_64",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.s390x",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.src",
"7ComputeNode-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x",
"7ComputeNode-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.ppc64le",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.s390x",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.src",
"7Server-7.6.EUS:ksh-0:20120801-140.el7_6.x86_64",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x",
"7Server-7.6.EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.s390x",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.src",
"7Server-Alt-7.6-EUS:ksh-0:20120801-140.el7_6.x86_64",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.s390x",
"7Server-Alt-7.6-EUS:ksh-debuginfo-0:20120801-140.el7_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection"
}
]
}
RHSA-2020:5351
Vulnerability from csaf_redhat - Published: 2020-12-07 11:12 - Updated: 2025-11-21 18:18Summary
Red Hat Security Advisory: ksh security update
Notes
Topic
An update for ksh is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ksh is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "KornShell (ksh) is a Unix shell developed by AT\u0026T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).\n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:5351",
"url": "https://access.redhat.com/errata/RHSA-2020:5351"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5351.json"
}
],
"title": "Red Hat Security Advisory: ksh security update",
"tracking": {
"current_release_date": "2025-11-21T18:18:56+00:00",
"generator": {
"date": "2025-11-21T18:18:56+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2020:5351",
"initial_release_date": "2020-12-07T11:12:37+00:00",
"revision_history": [
{
"date": "2020-12-07T11:12:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-12-07T11:12:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:18:56+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product": {
"name": "Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:7.3::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-27.el7_3.x86_64",
"product": {
"name": "ksh-0:20120801-27.el7_3.x86_64",
"product_id": "ksh-0:20120801-27.el7_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-27.el7_3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ksh-debuginfo-0:20120801-27.el7_3.x86_64",
"product": {
"name": "ksh-debuginfo-0:20120801-27.el7_3.x86_64",
"product_id": "ksh-debuginfo-0:20120801-27.el7_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh-debuginfo@20120801-27.el7_3?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-0:20120801-27.el7_3.src",
"product": {
"name": "ksh-0:20120801-27.el7_3.src",
"product_id": "ksh-0:20120801-27.el7_3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ksh@20120801-27.el7_3?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-27.el7_3.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.src"
},
"product_reference": "ksh-0:20120801-27.el7_3.src",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-0:20120801-27.el7_3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:ksh-0:20120801-27.el7_3.x86_64"
},
"product_reference": "ksh-0:20120801-27.el7_3.x86_64",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-debuginfo-0:20120801-27.el7_3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:ksh-debuginfo-0:20120801-27.el7_3.x86_64"
},
"product_reference": "ksh-debuginfo-0:20120801-27.el7_3.x86_64",
"relates_to_product_reference": "7Server-7.3.AUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14868",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2019-10-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1757324"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.3.AUS:ksh-0:20120801-27.el7_3.src",
"7Server-7.3.AUS:ksh-0:20120801-27.el7_3.x86_64",
"7Server-7.3.AUS:ksh-debuginfo-0:20120801-27.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14868"
},
{
"category": "external",
"summary": "RHBZ#1757324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868"
}
],
"release_date": "2019-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-07T11:12:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.3.AUS:ksh-0:20120801-27.el7_3.src",
"7Server-7.3.AUS:ksh-0:20120801-27.el7_3.x86_64",
"7Server-7.3.AUS:ksh-debuginfo-0:20120801-27.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5351"
},
{
"category": "workaround",
"details": "No known mitigation available.",
"product_ids": [
"7Server-7.3.AUS:ksh-0:20120801-27.el7_3.src",
"7Server-7.3.AUS:ksh-0:20120801-27.el7_3.x86_64",
"7Server-7.3.AUS:ksh-debuginfo-0:20120801-27.el7_3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-7.3.AUS:ksh-0:20120801-27.el7_3.src",
"7Server-7.3.AUS:ksh-0:20120801-27.el7_3.x86_64",
"7Server-7.3.AUS:ksh-debuginfo-0:20120801-27.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection"
}
]
}
SUSE-SU-2024:2756-1
Vulnerability from csaf_suse - Published: 2024-08-05 19:57 - Updated: 2024-08-05 19:57Summary
Security update for ksh
Notes
Title of the patch
Security update for ksh
Description of the patch
This update for ksh fixes the following issues:
- CVE-2019-14868: Fixed code injection due to environment variables on startup interpreted as arithmetic expression (bsc#1160796)
Other fixes:
- do not use posix_spawn as it lacks proper job handling (bsc#1224057)
- fix segfault in variable substitution (bsc#1129288)
Patchnames
SUSE-2024-2756,SUSE-SLE-Module-Legacy-12-2024-2756,SUSE-SLE-SDK-12-SP5-2024-2756
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ksh",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ksh fixes the following issues:\n\n- CVE-2019-14868: Fixed code injection due to environment variables on startup interpreted as arithmetic expression (bsc#1160796)\n \nOther fixes:\n- do not use posix_spawn as it lacks proper job handling (bsc#1224057)\n- fix segfault in variable substitution (bsc#1129288)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-2756,SUSE-SLE-Module-Legacy-12-2024-2756,SUSE-SLE-SDK-12-SP5-2024-2756",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2756-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:2756-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242756-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:2756-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-August/036291.html"
},
{
"category": "self",
"summary": "SUSE Bug 1129288",
"url": "https://bugzilla.suse.com/1129288"
},
{
"category": "self",
"summary": "SUSE Bug 1160796",
"url": "https://bugzilla.suse.com/1160796"
},
{
"category": "self",
"summary": "SUSE Bug 1224057",
"url": "https://bugzilla.suse.com/1224057"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14868 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14868/"
}
],
"title": "Security update for ksh",
"tracking": {
"current_release_date": "2024-08-05T19:57:56Z",
"generator": {
"date": "2024-08-05T19:57:56Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:2756-1",
"initial_release_date": "2024-08-05T19:57:56Z",
"revision_history": [
{
"date": "2024-08-05T19:57:56Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ksh-93vu-19.3.2.aarch64",
"product": {
"name": "ksh-93vu-19.3.2.aarch64",
"product_id": "ksh-93vu-19.3.2.aarch64"
}
},
{
"category": "product_version",
"name": "ksh-devel-93vu-19.3.2.aarch64",
"product": {
"name": "ksh-devel-93vu-19.3.2.aarch64",
"product_id": "ksh-devel-93vu-19.3.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-93vu-19.3.2.i586",
"product": {
"name": "ksh-93vu-19.3.2.i586",
"product_id": "ksh-93vu-19.3.2.i586"
}
},
{
"category": "product_version",
"name": "ksh-devel-93vu-19.3.2.i586",
"product": {
"name": "ksh-devel-93vu-19.3.2.i586",
"product_id": "ksh-devel-93vu-19.3.2.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-93vu-19.3.2.ppc64le",
"product": {
"name": "ksh-93vu-19.3.2.ppc64le",
"product_id": "ksh-93vu-19.3.2.ppc64le"
}
},
{
"category": "product_version",
"name": "ksh-devel-93vu-19.3.2.ppc64le",
"product": {
"name": "ksh-devel-93vu-19.3.2.ppc64le",
"product_id": "ksh-devel-93vu-19.3.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-93vu-19.3.2.s390",
"product": {
"name": "ksh-93vu-19.3.2.s390",
"product_id": "ksh-93vu-19.3.2.s390"
}
},
{
"category": "product_version",
"name": "ksh-devel-93vu-19.3.2.s390",
"product": {
"name": "ksh-devel-93vu-19.3.2.s390",
"product_id": "ksh-devel-93vu-19.3.2.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-93vu-19.3.2.s390x",
"product": {
"name": "ksh-93vu-19.3.2.s390x",
"product_id": "ksh-93vu-19.3.2.s390x"
}
},
{
"category": "product_version",
"name": "ksh-devel-93vu-19.3.2.s390x",
"product": {
"name": "ksh-devel-93vu-19.3.2.s390x",
"product_id": "ksh-devel-93vu-19.3.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-93vu-19.3.2.x86_64",
"product": {
"name": "ksh-93vu-19.3.2.x86_64",
"product_id": "ksh-93vu-19.3.2.x86_64"
}
},
{
"category": "product_version",
"name": "ksh-devel-93vu-19.3.2.x86_64",
"product": {
"name": "ksh-devel-93vu-19.3.2.x86_64",
"product_id": "ksh-devel-93vu-19.3.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Legacy 12",
"product": {
"name": "SUSE Linux Enterprise Module for Legacy 12",
"product_id": "SUSE Linux Enterprise Module for Legacy 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-legacy:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-93vu-19.3.2.aarch64 as component of SUSE Linux Enterprise Module for Legacy 12",
"product_id": "SUSE Linux Enterprise Module for Legacy 12:ksh-93vu-19.3.2.aarch64"
},
"product_reference": "ksh-93vu-19.3.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-93vu-19.3.2.ppc64le as component of SUSE Linux Enterprise Module for Legacy 12",
"product_id": "SUSE Linux Enterprise Module for Legacy 12:ksh-93vu-19.3.2.ppc64le"
},
"product_reference": "ksh-93vu-19.3.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-93vu-19.3.2.s390x as component of SUSE Linux Enterprise Module for Legacy 12",
"product_id": "SUSE Linux Enterprise Module for Legacy 12:ksh-93vu-19.3.2.s390x"
},
"product_reference": "ksh-93vu-19.3.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-93vu-19.3.2.x86_64 as component of SUSE Linux Enterprise Module for Legacy 12",
"product_id": "SUSE Linux Enterprise Module for Legacy 12:ksh-93vu-19.3.2.x86_64"
},
"product_reference": "ksh-93vu-19.3.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-devel-93vu-19.3.2.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:ksh-devel-93vu-19.3.2.aarch64"
},
"product_reference": "ksh-devel-93vu-19.3.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-devel-93vu-19.3.2.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:ksh-devel-93vu-19.3.2.ppc64le"
},
"product_reference": "ksh-devel-93vu-19.3.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-devel-93vu-19.3.2.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:ksh-devel-93vu-19.3.2.s390x"
},
"product_reference": "ksh-devel-93vu-19.3.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-devel-93vu-19.3.2.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:ksh-devel-93vu-19.3.2.x86_64"
},
"product_reference": "ksh-devel-93vu-19.3.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14868"
}
],
"notes": [
{
"category": "general",
"text": "In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Legacy 12:ksh-93vu-19.3.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 12:ksh-93vu-19.3.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 12:ksh-93vu-19.3.2.s390x",
"SUSE Linux Enterprise Module for Legacy 12:ksh-93vu-19.3.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:ksh-devel-93vu-19.3.2.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:ksh-devel-93vu-19.3.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:ksh-devel-93vu-19.3.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:ksh-devel-93vu-19.3.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14868",
"url": "https://www.suse.com/security/cve/CVE-2019-14868"
},
{
"category": "external",
"summary": "SUSE Bug 1160796 for CVE-2019-14868",
"url": "https://bugzilla.suse.com/1160796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Legacy 12:ksh-93vu-19.3.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 12:ksh-93vu-19.3.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 12:ksh-93vu-19.3.2.s390x",
"SUSE Linux Enterprise Module for Legacy 12:ksh-93vu-19.3.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:ksh-devel-93vu-19.3.2.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:ksh-devel-93vu-19.3.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:ksh-devel-93vu-19.3.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:ksh-devel-93vu-19.3.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Legacy 12:ksh-93vu-19.3.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 12:ksh-93vu-19.3.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 12:ksh-93vu-19.3.2.s390x",
"SUSE Linux Enterprise Module for Legacy 12:ksh-93vu-19.3.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:ksh-devel-93vu-19.3.2.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:ksh-devel-93vu-19.3.2.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:ksh-devel-93vu-19.3.2.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:ksh-devel-93vu-19.3.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-05T19:57:56Z",
"details": "important"
}
],
"title": "CVE-2019-14868"
}
]
}
CERTFR-2020-AVI-321
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | macOS | macOS Catalina versions antérieures à 10.15.5 | ||
| Apple | N/A | iCloud pour Windows versions 11.x antérieures à 11.2 | ||
| Apple | Safari | Safari versions antérieures à 13.1.1 | ||
| Apple | N/A | iCloud pour Windows versions antérieures à 7.19 | ||
| Apple | macOS | macOS Mojave sans le correctif de sécurité 2020-003 | ||
| Apple | macOS | macOS High Sierra sans le correctif de sécurité 2020-003 | ||
| Apple | N/A | Windows Migration Assistant versions antérieures à 2.2.0.0 (v. 1A11) |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "macOS Catalina versions ant\u00e9rieures \u00e0 10.15.5",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iCloud pour Windows versions 11.x ant\u00e9rieures \u00e0 11.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Safari versions ant\u00e9rieures \u00e0 13.1.1",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iCloud pour Windows versions ant\u00e9rieures \u00e0 7.19",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Mojave sans le correctif de s\u00e9curit\u00e9 2020-003",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS High Sierra sans le correctif de s\u00e9curit\u00e9 2020-003",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Windows Migration Assistant versions ant\u00e9rieures \u00e0 2.2.0.0 (v. 1A11)",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-9817",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9817"
},
{
"name": "CVE-2020-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9788"
},
{
"name": "CVE-2019-20503",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20503"
},
{
"name": "CVE-2020-3878",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3878"
},
{
"name": "CVE-2020-9839",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9839"
},
{
"name": "CVE-2020-9856",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9856"
},
{
"name": "CVE-2020-9834",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9834"
},
{
"name": "CVE-2020-9855",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9855"
},
{
"name": "CVE-2020-9844",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9844"
},
{
"name": "CVE-2020-9812",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9812"
},
{
"name": "CVE-2020-9826",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9826"
},
{
"name": "CVE-2020-9816",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9816"
},
{
"name": "CVE-2020-9790",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9790"
},
{
"name": "CVE-2020-9847",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9847"
},
{
"name": "CVE-2020-9789",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9789"
},
{
"name": "CVE-2020-9858",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9858"
},
{
"name": "CVE-2020-9825",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9825"
},
{
"name": "CVE-2020-9809",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9809"
},
{
"name": "CVE-2020-9857",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9857"
},
{
"name": "CVE-2020-9808",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9808"
},
{
"name": "CVE-2020-9831",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9831"
},
{
"name": "CVE-2020-9828",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9828"
},
{
"name": "CVE-2020-9801",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9801"
},
{
"name": "CVE-2020-9807",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9807"
},
{
"name": "CVE-2020-9852",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9852"
},
{
"name": "CVE-2020-9805",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9805"
},
{
"name": "CVE-2019-20044",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20044"
},
{
"name": "CVE-2020-9806",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9806"
},
{
"name": "CVE-2020-9815",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9815"
},
{
"name": "CVE-2020-9841",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9841"
},
{
"name": "CVE-2020-9797",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9797"
},
{
"name": "CVE-2020-9793",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9793"
},
{
"name": "CVE-2020-9832",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9832"
},
{
"name": "CVE-2020-9837",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9837"
},
{
"name": "CVE-2020-9791",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9791"
},
{
"name": "CVE-2020-9813",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9813"
},
{
"name": "CVE-2019-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14868"
},
{
"name": "CVE-2020-9803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9803"
},
{
"name": "CVE-2020-9843",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9843"
},
{
"name": "CVE-2020-9821",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9821"
},
{
"name": "CVE-2020-9811",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9811"
},
{
"name": "CVE-2020-9802",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9802"
},
{
"name": "CVE-2020-3882",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3882"
},
{
"name": "CVE-2020-9771",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9771"
},
{
"name": "CVE-2020-9814",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9814"
},
{
"name": "CVE-2020-9830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9830"
},
{
"name": "CVE-2020-9827",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9827"
},
{
"name": "CVE-2020-9851",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9851"
},
{
"name": "CVE-2020-9842",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9842"
},
{
"name": "CVE-2020-9800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9800"
},
{
"name": "CVE-2020-9772",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9772"
},
{
"name": "CVE-2020-9792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9792"
},
{
"name": "CVE-2020-9822",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9822"
},
{
"name": "CVE-2020-9833",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9833"
},
{
"name": "CVE-2020-9824",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9824"
},
{
"name": "CVE-2020-9794",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9794"
},
{
"name": "CVE-2020-9795",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9795"
},
{
"name": "CVE-2020-9850",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9850"
},
{
"name": "CVE-2020-9804",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9804"
}
],
"links": [],
"reference": "CERTFR-2020-AVI-321",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-05-27T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT211170 du 26 mai 2020",
"url": "https://support.apple.com/en-us/HT211170"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT211177 du 26 mai 2020",
"url": "https://support.apple.com/en-us/HT211177"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT211181 du 26 mai 2020",
"url": "https://support.apple.com/en-us/HT211181"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT211179 du 26 mai 2020",
"url": "https://support.apple.com/en-us/HT211179"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT211186 du 26 mai 2020",
"url": "https://support.apple.com/en-us/HT211186"
}
]
}
CERTFR-2020-AVI-321
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | macOS | macOS Catalina versions antérieures à 10.15.5 | ||
| Apple | N/A | iCloud pour Windows versions 11.x antérieures à 11.2 | ||
| Apple | Safari | Safari versions antérieures à 13.1.1 | ||
| Apple | N/A | iCloud pour Windows versions antérieures à 7.19 | ||
| Apple | macOS | macOS Mojave sans le correctif de sécurité 2020-003 | ||
| Apple | macOS | macOS High Sierra sans le correctif de sécurité 2020-003 | ||
| Apple | N/A | Windows Migration Assistant versions antérieures à 2.2.0.0 (v. 1A11) |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "macOS Catalina versions ant\u00e9rieures \u00e0 10.15.5",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iCloud pour Windows versions 11.x ant\u00e9rieures \u00e0 11.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Safari versions ant\u00e9rieures \u00e0 13.1.1",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iCloud pour Windows versions ant\u00e9rieures \u00e0 7.19",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Mojave sans le correctif de s\u00e9curit\u00e9 2020-003",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS High Sierra sans le correctif de s\u00e9curit\u00e9 2020-003",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Windows Migration Assistant versions ant\u00e9rieures \u00e0 2.2.0.0 (v. 1A11)",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-9817",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9817"
},
{
"name": "CVE-2020-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9788"
},
{
"name": "CVE-2019-20503",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20503"
},
{
"name": "CVE-2020-3878",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3878"
},
{
"name": "CVE-2020-9839",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9839"
},
{
"name": "CVE-2020-9856",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9856"
},
{
"name": "CVE-2020-9834",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9834"
},
{
"name": "CVE-2020-9855",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9855"
},
{
"name": "CVE-2020-9844",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9844"
},
{
"name": "CVE-2020-9812",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9812"
},
{
"name": "CVE-2020-9826",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9826"
},
{
"name": "CVE-2020-9816",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9816"
},
{
"name": "CVE-2020-9790",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9790"
},
{
"name": "CVE-2020-9847",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9847"
},
{
"name": "CVE-2020-9789",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9789"
},
{
"name": "CVE-2020-9858",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9858"
},
{
"name": "CVE-2020-9825",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9825"
},
{
"name": "CVE-2020-9809",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9809"
},
{
"name": "CVE-2020-9857",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9857"
},
{
"name": "CVE-2020-9808",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9808"
},
{
"name": "CVE-2020-9831",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9831"
},
{
"name": "CVE-2020-9828",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9828"
},
{
"name": "CVE-2020-9801",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9801"
},
{
"name": "CVE-2020-9807",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9807"
},
{
"name": "CVE-2020-9852",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9852"
},
{
"name": "CVE-2020-9805",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9805"
},
{
"name": "CVE-2019-20044",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20044"
},
{
"name": "CVE-2020-9806",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9806"
},
{
"name": "CVE-2020-9815",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9815"
},
{
"name": "CVE-2020-9841",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9841"
},
{
"name": "CVE-2020-9797",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9797"
},
{
"name": "CVE-2020-9793",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9793"
},
{
"name": "CVE-2020-9832",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9832"
},
{
"name": "CVE-2020-9837",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9837"
},
{
"name": "CVE-2020-9791",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9791"
},
{
"name": "CVE-2020-9813",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9813"
},
{
"name": "CVE-2019-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14868"
},
{
"name": "CVE-2020-9803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9803"
},
{
"name": "CVE-2020-9843",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9843"
},
{
"name": "CVE-2020-9821",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9821"
},
{
"name": "CVE-2020-9811",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9811"
},
{
"name": "CVE-2020-9802",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9802"
},
{
"name": "CVE-2020-3882",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3882"
},
{
"name": "CVE-2020-9771",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9771"
},
{
"name": "CVE-2020-9814",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9814"
},
{
"name": "CVE-2020-9830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9830"
},
{
"name": "CVE-2020-9827",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9827"
},
{
"name": "CVE-2020-9851",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9851"
},
{
"name": "CVE-2020-9842",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9842"
},
{
"name": "CVE-2020-9800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9800"
},
{
"name": "CVE-2020-9772",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9772"
},
{
"name": "CVE-2020-9792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9792"
},
{
"name": "CVE-2020-9822",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9822"
},
{
"name": "CVE-2020-9833",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9833"
},
{
"name": "CVE-2020-9824",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9824"
},
{
"name": "CVE-2020-9794",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9794"
},
{
"name": "CVE-2020-9795",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9795"
},
{
"name": "CVE-2020-9850",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9850"
},
{
"name": "CVE-2020-9804",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9804"
}
],
"links": [],
"reference": "CERTFR-2020-AVI-321",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-05-27T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT211170 du 26 mai 2020",
"url": "https://support.apple.com/en-us/HT211170"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT211177 du 26 mai 2020",
"url": "https://support.apple.com/en-us/HT211177"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT211181 du 26 mai 2020",
"url": "https://support.apple.com/en-us/HT211181"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT211179 du 26 mai 2020",
"url": "https://support.apple.com/en-us/HT211179"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT211186 du 26 mai 2020",
"url": "https://support.apple.com/en-us/HT211186"
}
]
}
VAR-202004-0812
Vulnerability from variot - Updated: 2024-07-23 21:22In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely. ksh There is an injection vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. 8) - aarch64, ppc64le, s390x, x86_64
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra
macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra are now available and address the following:
Accounts Available for: macOS Catalina 10.15.4 Impact: A remote attacker may be able to cause a denial of service Description: A denial of service issue was addressed with improved input validation. CVE-2020-9827: Jannik Lorenz of SEEMOO @ TU Darmstadt
AirDrop Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A remote attacker may be able to cause a denial of service Description: A denial of service issue was addressed with improved input validation. CVE-2020-9826: Dor Hadad of Palo Alto Networks
AppleMobileFileIntegrity Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15.4 Impact: An application may be able to use arbitrary entitlements Description: This issue was addressed with improved checks. CVE-2020-9842: Linus Henze (pinauten.de)
AppleUSBNetworking Available for: macOS Catalina 10.15.4 Impact: Inserting a USB device that sends invalid messages may cause a kernel panic Description: A logic issue was addressed with improved restrictions. CVE-2020-9804: Andy Davis of NCC Group
Audio Available for: macOS Catalina 10.15.4 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9815: Yu Zhou (@yuzhou6666) working with Trend Micro Zero Day Initiative
Audio Available for: macOS Catalina 10.15.4 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-9791: Yu Zhou (@yuzhou6666) working with Trend Micro Zero Day Initiative
Bluetooth Available for: macOS Catalina 10.15.4 Impact: A malicious application may be able to determine kernel memory layout Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9831: Yu Wang of Didi Research America
Calendar Available for: macOS Catalina 10.15.4 Impact: Importing a maliciously crafted calendar invitation may exfiltrate user information Description: This issue was addressed with improved checks. CVE-2020-3882: Andy Grant of NCC Group
CVMS Available for: macOS Catalina 10.15.4 Impact: An application may be able to gain elevated privileges Description: This issue was addressed with improved checks. CVE-2020-9856: @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro’s Zero Day Initiative
DiskArbitration Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to break out of its sandbox Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9847: Zhuo Liang of Qihoo 360 Vulcan Team
Find My Available for: macOS Catalina 10.15.4 Impact: A local attacker may be able to elevate their privileges Description: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. CVE-2020-9855: Zhongcheng Li(CK01) of Topsec Alpha Team
FontParser Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9816: Peter Nguyen Vu Hoang of STAR Labs working with Trend Micro Zero Day Initiative
ImageIO Available for: macOS Catalina 10.15.4 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-3878: Samuel Groß of Google Project Zero
ImageIO Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9789: Wenchao Li of VARAS@IIE CVE-2020-9790: Xingwei Lin of Ant-financial Light-Year Security Lab
Intel Graphics Driver Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9822: ABC Research s.r.o
IPSec Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15.4 Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9837: Thijs Alkemade of Computest
Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2020-9821: Xinru Chi and Tielei Wang of Pangu Lab
Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to determine another application's memory layout Description: An information disclosure issue was addressed by removing the vulnerable code. CVE-2020-9797: an anonymous researcher
Kernel Available for: macOS Catalina 10.15.4 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An integer overflow was addressed through improved input validation. CVE-2020-9852: Tao Huang and Tielei Wang of Pangu Lab
Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2020-9795: Zhuo Liang of Qihoo 360 Vulcan Team
Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to cause unexpected system termination or write kernel memory Description: A memory corruption issue was addressed with improved state management. CVE-2020-9808: Xinru Chi and Tielei Wang of Pangu Lab
Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local user may be able to read kernel memory Description: An information disclosure issue was addressed with improved state management. CVE-2020-9811: Tielei Wang of Pangu Lab CVE-2020-9812: Derrek (@derrekr6)
Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A logic issue existed resulting in memory corruption. This was addressed with improved state management. CVE-2020-9813: Xinru Chi of Pangu Lab CVE-2020-9814: Xinru Chi and Tielei Wang of Pangu Lab
Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to determine kernel memory layout Description: An information disclosure issue was addressed with improved state management. CVE-2020-9809: Benjamin Randazzo (@____benjamin)
ksh Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local user may be able to execute arbitrary shell commands Description: An issue existed in the handling of environment variables. This issue was addressed with improved validation. CVE-2019-14868
NSURL Available for: macOS Mojave 10.14.6 Impact: A malicious website may be able to exfiltrate autofilled data in Safari Description: An issue existed in the parsing of URLs. This issue was addressed with improved input validation. CVE-2020-9857: Dlive of Tencent Security Xuanwu Lab
PackageKit Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to gain root privileges Description: A permissions issue existed. This issue was addressed with improved permission validation. CVE-2020-9817: Andy Grant of NCC Group
PackageKit Available for: macOS Catalina 10.15.4 Impact: A malicious application may be able to modify protected parts of the file system Description: An access issue was addressed with improved access restrictions. CVE-2020-9851: Linus Henze (pinauten.de)
Python Available for: macOS Catalina 10.15.4 Impact: A remote attacker may be able to cause arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2020-9793
Sandbox Available for: macOS Catalina 10.15.4 Impact: A malicious application may be able to bypass Privacy preferences Description: An access issue was addressed with additional sandbox restrictions. CVE-2020-9825: Sreejith Krishnan R (@skr0x1C0)
Security Available for: macOS Catalina 10.15.4 Impact: A file may be incorrectly rendered to execute JavaScript Description: A validation issue was addressed with improved input sanitization. CVE-2020-9788: Wojciech Reguła of SecuRing (https://wojciechregula.blog)
SIP Available for: macOS Catalina 10.15.4 Impact: A non-privileged user may be able to modify restricted network settings Description: A logic issue was addressed with improved restrictions. CVE-2020-9824: Csaba Fitzl (@theevilbit) of Offensive Security
SQLite Available for: macOS Catalina 10.15.4 Impact: A malicious application may cause a denial of service or potentially disclose memory contents Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9794
System Preferences Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with improved state handling. CVE-2020-9839: @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro’s Zero Day Initiative
USB Audio Available for: macOS Catalina 10.15.4 Impact: A USB device may be able to cause a denial of service Description: A validation issue was addressed with improved input sanitization. CVE-2020-9792: Andy Davis of NCC Group
Wi-Fi Available for: macOS Catalina 10.15.4 Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory Description: A double free issue was addressed with improved memory management. CVE-2020-9844: Ian Beer of Google Project Zero
Wi-Fi Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2020-9830: Tielei Wang of Pangu Lab
Wi-Fi Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2020-9834: Yu Wang of Didi Research America
Wi-Fi Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local user may be able to read kernel memory Description: A memory initialization issue was addressed with improved memory handling. CVE-2020-9833: Yu Wang of Didi Research America
Wi-Fi Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A malicious application may be able to determine kernel memory layout Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-9832: Yu Wang of Didi Research America
WindowServer Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: An integer overflow was addressed through improved input validation. CVE-2020-9841: ABC Research s.r.o. working with Trend Micro Zero Day Initiative
zsh Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4 Impact: A local attacker may be able to elevate their privileges Description: An authorization issue was addressed with improved state management. CVE-2019-20044: Sam Foxman
Additional recognition
CoreBluetooth We would like to acknowledge Maximilian von Tschitschnitz of Technical University Munich and Ludwig Peuckert of Technical University Munich for their assistance.
CoreText We would like to acknowledge Jiska Classen (@naehrdine) and Dennis Heinze (@ttdennis) of Secure Mobile Networking Lab for their assistance.
Endpoint Security We would like to acknowledge an anonymous researcher for their assistance.
ImageIO We would like to acknowledge Lei Sun for their assistance.
IOHIDFamily We would like to acknowledge Andy Davis of NCC Group for their assistance.
IPSec We would like to acknowledge Thijs Alkemade of Computest for their assistance.
Login Window We would like to acknowledge Jon Morby and an anonymous researcher for their assistance.
Sandbox We would like to acknowledge Jason L Lang of Optum for their assistance.
Spotlight We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance.
Installation note:
macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ -----BEGIN PGP SIGNATURE----- Version: BCPG v1.64
iQIcBAEDCAAGBQJezZcfAAoJEAc+Lhnt8tDNIQYP/0YN+/T85WC7RJjAlRrUDduD ZO0e76d2C1jNgZWsYmXnrEPwfRYAEPLcKgb/SxAlwlRNFqex9CNu2sD1aA3GZBIO MaektARuncqh06rl8BjbakS4HQs675vUEjoJS9H2d0pq2dSEIjOtH1agJwtGIeNS wHBFlUnQzI42hurYeq7fxRdiByf+Z3mKEBt6wlVtaWjqcMfG9sroj9H58RLiqSNm VNfU4eZNPrG49kbTf4IC2JvvKg18hrUZqIcjbV/56+kPBl4+USIxh/5ECJHV/cDD BEe64M2I1LiY0lq6neoOeHvBiiIvUq9EUW2PBnfcbo3V1D35mm6td+WnO3Buqo6f EEkjfIwtq7fI10ZPYYjiUayrQyfqmM3x14JcxDsHzlerT6NNRTg3g2ls0seQK9Lt 8IDbkrseOR0JFukR1njC+cAk4RbDFue5cUJK6Js1nGvFwLN0kHFIhh9jFKgccgH7 bKSLDAdB+kSxBOshDDmYyNS+KRzXEWIsBU8ZbNAbRDANWqm4lcPffKWcG7zIdiMQ JLUclRURf35AoFmJ0F1BZSRzFuHr1Dvh23SjNK7H9i/mD05+rY6esh5ZKco+6Yqe pW/EOXEAs/J06xUytABH3SkFmQSzlIPuFrXa8qAskHhFp/E8yLehyefoY+AZJjal sLrLBIOxQCTskSFoExP8 =2eah -----END PGP SIGNATURE-----
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: ksh security update Advisory ID: RHSA-2020:1333-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:1333 Issue date: 2020-04-06 CVE Names: CVE-2019-14868 ==================================================================== 1. Summary:
An update for ksh is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux ComputeNode EUS (v. 7.6) - x86_64 Red Hat Enterprise Linux Server EUS (v. 7.6) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, ppc64le, s390x
- Description:
KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992).
Security Fix(es):
- ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Package List:
Red Hat Enterprise Linux ComputeNode EUS (v. 7.6):
Source: ksh-20120801-140.el7_6.src.rpm
x86_64: ksh-20120801-140.el7_6.x86_64.rpm ksh-debuginfo-20120801-140.el7_6.x86_64.rpm
Red Hat Enterprise Linux Server EUS (v. 7.6):
Source: ksh-20120801-140.el7_6.src.rpm
ppc64: ksh-20120801-140.el7_6.ppc64.rpm ksh-debuginfo-20120801-140.el7_6.ppc64.rpm
ppc64le: ksh-20120801-140.el7_6.ppc64le.rpm ksh-debuginfo-20120801-140.el7_6.ppc64le.rpm
s390x: ksh-20120801-140.el7_6.s390x.rpm ksh-debuginfo-20120801-140.el7_6.s390x.rpm
x86_64: ksh-20120801-140.el7_6.x86_64.rpm ksh-debuginfo-20120801-140.el7_6.x86_64.rpm
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):
Source: ksh-20120801-140.el7_6.src.rpm
aarch64: ksh-20120801-140.el7_6.aarch64.rpm ksh-debuginfo-20120801-140.el7_6.aarch64.rpm
ppc64le: ksh-20120801-140.el7_6.ppc64le.rpm ksh-debuginfo-20120801-140.el7_6.ppc64le.rpm
s390x: ksh-20120801-140.el7_6.s390x.rpm ksh-debuginfo-20120801-140.el7_6.s390x.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2019-14868 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXotlt9zjgjWX9erEAQiUMA/9FZolfIAXKMjp9BykiBgvX84zEl6hey3x jjG/PT73AIB6fmu4qgni9Cj61Z7fhYJRA5m79yrLHrwsvyGrqaPbKB5MTkoXFW5H HO38WQ/eOKc+/cKjWZYBkgZbojrz2HMnujBf09GsoUYo7fS1ylPugWkCOdbd0vId jHAwwxSngUqPzVMv8CBGeinus4YOruZkY/2OhUJeFm3/nEwsbNUVcncA2ceBYs2W vu7Lp2fC4qZ9j6vt3yeuUtL2gpV6iDtmUa5SPAXc8wn/8luyg7DeVC8Xz+FxZSRt BxDO663OmLdfAKdsQEyiWMEsI4FMygiDyqpW9z4yjOZmcaDFJ96kXr98JfQooKxl 9mfnXpIoFxCfDc3ved8zHtb1oMw/CB5AC/XOR71lxjd/qLy2w6b+2v4KWeKN0kKE 6AZ0qr0jN/nLhhFjb+efzPxLMP9Wccv99U3M91xkG0I6w/vhwzM/848CYILnFnSt jTScL1Jvax4g/r3TeJMoqsWZWOSZAZZzg5pc/1rfMEz+ySsQDum59jFQDQZvULve Gaw8cjOX5lqfuWyjO2OxE2Lb8CFI+Rx0LWFMW9mjVJso3693XLATtr9PRzDP+J58 s5x40dnM3mqEXKbKK++q0QA4OzQ5qXj17FFaUjOVRhXNT9ULoL8rZ9P9lxioEMlI NPsHxbgS/lg=Hx2Y -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 7.4) - x86_64
- 7.5) - ppc64, ppc64le, s390x, x86_64
3
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0812",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ksh",
"scope": "eq",
"trust": 1.8,
"vendor": "ksh",
"version": "20120801"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.15.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015261"
},
{
"db": "NVD",
"id": "CVE-2019-14868"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ksh_project:ksh:20120801:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.15.5",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-14868"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "156454"
},
{
"db": "PACKETSTORM",
"id": "157123"
},
{
"db": "PACKETSTORM",
"id": "157769"
},
{
"db": "PACKETSTORM",
"id": "160382"
},
{
"db": "PACKETSTORM",
"id": "160376"
},
{
"db": "PACKETSTORM",
"id": "157121"
}
],
"trust": 0.6
},
"cve": "CVE-2019-14868",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2019-015261",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-146857",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "secalert@redhat.com",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.4,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-015261",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-14868",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "secalert@redhat.com",
"id": "CVE-2019-14868",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2019-015261",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202002-300",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-146857",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-146857"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015261"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-300"
},
{
"db": "NVD",
"id": "CVE-2019-14868"
},
{
"db": "NVD",
"id": "CVE-2019-14868"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely. ksh There is an injection vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. 8) - aarch64, ppc64le, s390x, x86_64\n\n3. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update\n2020-003 Mojave, Security Update 2020-003 High Sierra\n\nmacOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security\nUpdate 2020-003 High Sierra are now available and address the\nfollowing:\n\nAccounts\nAvailable for: macOS Catalina 10.15.4\nImpact: A remote attacker may be able to cause a denial of service\nDescription: A denial of service issue was addressed with improved\ninput validation. \nCVE-2020-9827: Jannik Lorenz of SEEMOO @ TU Darmstadt\n\nAirDrop\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A remote attacker may be able to cause a denial of service\nDescription: A denial of service issue was addressed with improved\ninput validation. \nCVE-2020-9826: Dor Hadad of Palo Alto Networks\n\nAppleMobileFileIntegrity\nAvailable for: macOS High Sierra 10.13.6, macOS Catalina 10.15.4\nImpact: An application may be able to use arbitrary entitlements\nDescription: This issue was addressed with improved checks. \nCVE-2020-9842: Linus Henze (pinauten.de)\n\nAppleUSBNetworking\nAvailable for: macOS Catalina 10.15.4\nImpact: Inserting a USB device that sends invalid messages may cause\na kernel panic\nDescription: A logic issue was addressed with improved restrictions. \nCVE-2020-9804: Andy Davis of NCC Group\n\nAudio\nAvailable for: macOS Catalina 10.15.4\nImpact: Processing a maliciously crafted audio file may lead to\narbitrary code execution\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2020-9815: Yu Zhou (@yuzhou6666) working with Trend Micro Zero\nDay Initiative\n\nAudio\nAvailable for: macOS Catalina 10.15.4\nImpact: Processing a maliciously crafted audio file may lead to\narbitrary code execution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2020-9791: Yu Zhou (@yuzhou6666) working with Trend Micro Zero\nDay Initiative\n\nBluetooth\nAvailable for: macOS Catalina 10.15.4\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2020-9831: Yu Wang of Didi Research America\n\nCalendar\nAvailable for: macOS Catalina 10.15.4\nImpact: Importing a maliciously crafted calendar invitation may\nexfiltrate user information\nDescription: This issue was addressed with improved checks. \nCVE-2020-3882: Andy Grant of NCC Group\n\nCVMS\nAvailable for: macOS Catalina 10.15.4\nImpact: An application may be able to gain elevated privileges\nDescription: This issue was addressed with improved checks. \nCVE-2020-9856: @jinmo123, @setuid0x0_, and @insu_yun_en of\n@SSLab_Gatech working with Trend Micro\u2019s Zero Day Initiative\n\nDiskArbitration\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A malicious application may be able to break out of its\nsandbox\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2020-9847: Zhuo Liang of Qihoo 360 Vulcan Team\n\nFind My\nAvailable for: macOS Catalina 10.15.4\nImpact: A local attacker may be able to elevate their privileges\nDescription: A validation issue existed in the handling of symlinks. \nThis issue was addressed with improved validation of symlinks. \nCVE-2020-9855: Zhongcheng Li(CK01) of Topsec Alpha Team\n\nFontParser\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: Opening a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2020-9816: Peter Nguyen Vu Hoang of STAR Labs working with Trend\nMicro Zero Day Initiative\n\nImageIO\nAvailable for: macOS Catalina 10.15.4\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2020-3878: Samuel Gro\u00df of Google Project Zero\n\nImageIO\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2020-9789: Wenchao Li of VARAS@IIE\nCVE-2020-9790: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nIntel Graphics Driver\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2020-9822: ABC Research s.r.o\n\nIPSec\nAvailable for: macOS High Sierra 10.13.6, macOS Catalina 10.15.4\nImpact: A remote attacker may be able to leak memory\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2020-9837: Thijs Alkemade of Computest\n\nKernel\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2020-9821: Xinru Chi and Tielei Wang of Pangu Lab\n\nKernel\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A malicious application may be able to determine another\napplication\u0027s memory layout\nDescription: An information disclosure issue was addressed by\nremoving the vulnerable code. \nCVE-2020-9797: an anonymous researcher\n\nKernel\nAvailable for: macOS Catalina 10.15.4\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: An integer overflow was addressed through improved input\nvalidation. \nCVE-2020-9852: Tao Huang and Tielei Wang of Pangu Lab\n\nKernel\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2020-9795: Zhuo Liang of Qihoo 360 Vulcan Team\n\nKernel\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: An application may be able to cause unexpected system\ntermination or write kernel memory\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2020-9808: Xinru Chi and Tielei Wang of Pangu Lab\n\nKernel\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A local user may be able to read kernel memory\nDescription: An information disclosure issue was addressed with\nimproved state management. \nCVE-2020-9811: Tielei Wang of Pangu Lab\nCVE-2020-9812: Derrek (@derrekr6)\n\nKernel\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: A logic issue existed resulting in memory corruption. \nThis was addressed with improved state management. \nCVE-2020-9813: Xinru Chi of Pangu Lab\nCVE-2020-9814: Xinru Chi and Tielei Wang of Pangu Lab\n\nKernel\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: An information disclosure issue was addressed with\nimproved state management. \nCVE-2020-9809: Benjamin Randazzo (@____benjamin)\n\nksh\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A local user may be able to execute arbitrary shell commands\nDescription: An issue existed in the handling of environment\nvariables. This issue was addressed with improved validation. \nCVE-2019-14868\n\nNSURL\nAvailable for: macOS Mojave 10.14.6\nImpact: A malicious website may be able to exfiltrate autofilled data\nin Safari\nDescription: An issue existed in the parsing of URLs. This issue was\naddressed with improved input validation. \nCVE-2020-9857: Dlive of Tencent Security Xuanwu Lab\n\nPackageKit\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A malicious application may be able to gain root privileges\nDescription: A permissions issue existed. This issue was addressed\nwith improved permission validation. \nCVE-2020-9817: Andy Grant of NCC Group\n\nPackageKit\nAvailable for: macOS Catalina 10.15.4\nImpact: A malicious application may be able to modify protected parts\nof the file system\nDescription: An access issue was addressed with improved access\nrestrictions. \nCVE-2020-9851: Linus Henze (pinauten.de)\n\nPython\nAvailable for: macOS Catalina 10.15.4\nImpact: A remote attacker may be able to cause arbitrary code\nexecution\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2020-9793\n\nSandbox\nAvailable for: macOS Catalina 10.15.4\nImpact: A malicious application may be able to bypass Privacy\npreferences\nDescription: An access issue was addressed with additional sandbox\nrestrictions. \nCVE-2020-9825: Sreejith Krishnan R (@skr0x1C0)\n\nSecurity\nAvailable for: macOS Catalina 10.15.4\nImpact: A file may be incorrectly rendered to execute JavaScript\nDescription: A validation issue was addressed with improved input\nsanitization. \nCVE-2020-9788: Wojciech Regu\u0142a of SecuRing\n(https://wojciechregula.blog)\n\nSIP\nAvailable for: macOS Catalina 10.15.4\nImpact: A non-privileged user may be able to modify restricted\nnetwork settings\nDescription: A logic issue was addressed with improved restrictions. \nCVE-2020-9824: Csaba Fitzl (@theevilbit) of Offensive Security\n\nSQLite\nAvailable for: macOS Catalina 10.15.4\nImpact: A malicious application may cause a denial of service or\npotentially disclose memory contents\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2020-9794\n\nSystem Preferences\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: An application may be able to gain elevated privileges\nDescription: A race condition was addressed with improved state\nhandling. \nCVE-2020-9839: @jinmo123, @setuid0x0_, and @insu_yun_en of\n@SSLab_Gatech working with Trend Micro\u2019s Zero Day Initiative\n\nUSB Audio\nAvailable for: macOS Catalina 10.15.4\nImpact: A USB device may be able to cause a denial of service\nDescription: A validation issue was addressed with improved input\nsanitization. \nCVE-2020-9792: Andy Davis of NCC Group\n\nWi-Fi\nAvailable for: macOS Catalina 10.15.4\nImpact: A remote attacker may be able to cause unexpected system\ntermination or corrupt kernel memory\nDescription: A double free issue was addressed with improved memory\nmanagement. \nCVE-2020-9844: Ian Beer of Google Project Zero\n\nWi-Fi\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2020-9830: Tielei Wang of Pangu Lab\n\nWi-Fi\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2020-9834: Yu Wang of Didi Research America\n\nWi-Fi\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A local user may be able to read kernel memory\nDescription: A memory initialization issue was addressed with\nimproved memory handling. \nCVE-2020-9833: Yu Wang of Didi Research America\n\nWi-Fi\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2020-9832: Yu Wang of Didi Research America\n\nWindowServer\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: An integer overflow was addressed through improved input\nvalidation. \nCVE-2020-9841: ABC Research s.r.o. working with Trend Micro Zero Day\nInitiative\n\nzsh\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS\nCatalina 10.15.4\nImpact: A local attacker may be able to elevate their privileges\nDescription: An authorization issue was addressed with improved state\nmanagement. \nCVE-2019-20044: Sam Foxman\n\nAdditional recognition\n\nCoreBluetooth\nWe would like to acknowledge Maximilian von Tschitschnitz of\nTechnical University Munich and Ludwig Peuckert of Technical\nUniversity Munich for their assistance. \n\nCoreText\nWe would like to acknowledge Jiska Classen (@naehrdine) and Dennis\nHeinze (@ttdennis) of Secure Mobile Networking Lab for their\nassistance. \n\nEndpoint Security\nWe would like to acknowledge an anonymous researcher for their\nassistance. \n\nImageIO\nWe would like to acknowledge Lei Sun for their assistance. \n\nIOHIDFamily\nWe would like to acknowledge Andy Davis of NCC Group for their\nassistance. \n\nIPSec\nWe would like to acknowledge Thijs Alkemade of Computest for their\nassistance. \n\nLogin Window\nWe would like to acknowledge Jon Morby and an anonymous researcher\nfor their assistance. \n\nSandbox\nWe would like to acknowledge Jason L Lang of Optum for their\nassistance. \n\nSpotlight\nWe would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive\nSecurity for their assistance. \n\nInstallation note:\n\nmacOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security\nUpdate 2020-003 High Sierra may be obtained from the Mac App Store or\nApple\u0027s Software Downloads web site:\nhttps://support.apple.com/downloads/\n-----BEGIN PGP SIGNATURE-----\nVersion: BCPG v1.64\n\niQIcBAEDCAAGBQJezZcfAAoJEAc+Lhnt8tDNIQYP/0YN+/T85WC7RJjAlRrUDduD\nZO0e76d2C1jNgZWsYmXnrEPwfRYAEPLcKgb/SxAlwlRNFqex9CNu2sD1aA3GZBIO\nMaektARuncqh06rl8BjbakS4HQs675vUEjoJS9H2d0pq2dSEIjOtH1agJwtGIeNS\nwHBFlUnQzI42hurYeq7fxRdiByf+Z3mKEBt6wlVtaWjqcMfG9sroj9H58RLiqSNm\nVNfU4eZNPrG49kbTf4IC2JvvKg18hrUZqIcjbV/56+kPBl4+USIxh/5ECJHV/cDD\nBEe64M2I1LiY0lq6neoOeHvBiiIvUq9EUW2PBnfcbo3V1D35mm6td+WnO3Buqo6f\nEEkjfIwtq7fI10ZPYYjiUayrQyfqmM3x14JcxDsHzlerT6NNRTg3g2ls0seQK9Lt\n8IDbkrseOR0JFukR1njC+cAk4RbDFue5cUJK6Js1nGvFwLN0kHFIhh9jFKgccgH7\nbKSLDAdB+kSxBOshDDmYyNS+KRzXEWIsBU8ZbNAbRDANWqm4lcPffKWcG7zIdiMQ\nJLUclRURf35AoFmJ0F1BZSRzFuHr1Dvh23SjNK7H9i/mD05+rY6esh5ZKco+6Yqe\npW/EOXEAs/J06xUytABH3SkFmQSzlIPuFrXa8qAskHhFp/E8yLehyefoY+AZJjal\nsLrLBIOxQCTskSFoExP8\n=2eah\n-----END PGP SIGNATURE-----\n\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Important: ksh security update\nAdvisory ID: RHSA-2020:1333-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2020:1333\nIssue date: 2020-04-06\nCVE Names: CVE-2019-14868\n====================================================================\n1. Summary:\n\nAn update for ksh is now available for Red Hat Enterprise Linux 7.6\nExtended Update Support. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux ComputeNode EUS (v. 7.6) - x86_64\nRed Hat Enterprise Linux Server EUS (v. 7.6) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, ppc64le, s390x\n\n3. Description:\n\nKornShell (ksh) is a Unix shell developed by AT\u0026T Bell Laboratories, which\nis backward-compatible with the Bourne shell (sh) and includes many\nfeatures of the C shell. The most recent version is KSH-93. KornShell\ncomplies with the POSIX.2 standard (IEEE Std 1003.2-1992). \n\nSecurity Fix(es):\n\n* ksh: certain environment variables interpreted as arithmetic expressions\non startup, leading to code injection (CVE-2019-14868)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nRed Hat Enterprise Linux ComputeNode EUS (v. 7.6):\n\nSource:\nksh-20120801-140.el7_6.src.rpm\n\nx86_64:\nksh-20120801-140.el7_6.x86_64.rpm\nksh-debuginfo-20120801-140.el7_6.x86_64.rpm\n\nRed Hat Enterprise Linux Server EUS (v. 7.6):\n\nSource:\nksh-20120801-140.el7_6.src.rpm\n\nppc64:\nksh-20120801-140.el7_6.ppc64.rpm\nksh-debuginfo-20120801-140.el7_6.ppc64.rpm\n\nppc64le:\nksh-20120801-140.el7_6.ppc64le.rpm\nksh-debuginfo-20120801-140.el7_6.ppc64le.rpm\n\ns390x:\nksh-20120801-140.el7_6.s390x.rpm\nksh-debuginfo-20120801-140.el7_6.s390x.rpm\n\nx86_64:\nksh-20120801-140.el7_6.x86_64.rpm\nksh-debuginfo-20120801-140.el7_6.x86_64.rpm\n\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):\n\nSource:\nksh-20120801-140.el7_6.src.rpm\n\naarch64:\nksh-20120801-140.el7_6.aarch64.rpm\nksh-debuginfo-20120801-140.el7_6.aarch64.rpm\n\nppc64le:\nksh-20120801-140.el7_6.ppc64le.rpm\nksh-debuginfo-20120801-140.el7_6.ppc64le.rpm\n\ns390x:\nksh-20120801-140.el7_6.s390x.rpm\nksh-debuginfo-20120801-140.el7_6.s390x.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2019-14868\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2020 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXotlt9zjgjWX9erEAQiUMA/9FZolfIAXKMjp9BykiBgvX84zEl6hey3x\njjG/PT73AIB6fmu4qgni9Cj61Z7fhYJRA5m79yrLHrwsvyGrqaPbKB5MTkoXFW5H\nHO38WQ/eOKc+/cKjWZYBkgZbojrz2HMnujBf09GsoUYo7fS1ylPugWkCOdbd0vId\njHAwwxSngUqPzVMv8CBGeinus4YOruZkY/2OhUJeFm3/nEwsbNUVcncA2ceBYs2W\nvu7Lp2fC4qZ9j6vt3yeuUtL2gpV6iDtmUa5SPAXc8wn/8luyg7DeVC8Xz+FxZSRt\nBxDO663OmLdfAKdsQEyiWMEsI4FMygiDyqpW9z4yjOZmcaDFJ96kXr98JfQooKxl\n9mfnXpIoFxCfDc3ved8zHtb1oMw/CB5AC/XOR71lxjd/qLy2w6b+2v4KWeKN0kKE\n6AZ0qr0jN/nLhhFjb+efzPxLMP9Wccv99U3M91xkG0I6w/vhwzM/848CYILnFnSt\njTScL1Jvax4g/r3TeJMoqsWZWOSZAZZzg5pc/1rfMEz+ySsQDum59jFQDQZvULve\nGaw8cjOX5lqfuWyjO2OxE2Lb8CFI+Rx0LWFMW9mjVJso3693XLATtr9PRzDP+J58\ns5x40dnM3mqEXKbKK++q0QA4OzQ5qXj17FFaUjOVRhXNT9ULoL8rZ9P9lxioEMlI\nNPsHxbgS/lg=Hx2Y\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 7.4) - x86_64\n\n3. 7.5) - ppc64, ppc64le, s390x, x86_64\n\n3",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-14868"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015261"
},
{
"db": "VULHUB",
"id": "VHN-146857"
},
{
"db": "PACKETSTORM",
"id": "156454"
},
{
"db": "PACKETSTORM",
"id": "157877"
},
{
"db": "PACKETSTORM",
"id": "157123"
},
{
"db": "PACKETSTORM",
"id": "157769"
},
{
"db": "PACKETSTORM",
"id": "160382"
},
{
"db": "PACKETSTORM",
"id": "160376"
},
{
"db": "PACKETSTORM",
"id": "157121"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-14868",
"trust": 3.2
},
{
"db": "PACKETSTORM",
"id": "157877",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "157769",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "157123",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "160376",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "156454",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015261",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "156502",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "156218",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "156381",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202002-300",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.1859",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1223",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4313",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2463",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0539",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1772",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0663",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0630",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0426",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "160382",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "157121",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-146857",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-146857"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015261"
},
{
"db": "PACKETSTORM",
"id": "156454"
},
{
"db": "PACKETSTORM",
"id": "157877"
},
{
"db": "PACKETSTORM",
"id": "157123"
},
{
"db": "PACKETSTORM",
"id": "157769"
},
{
"db": "PACKETSTORM",
"id": "160382"
},
{
"db": "PACKETSTORM",
"id": "160376"
},
{
"db": "PACKETSTORM",
"id": "157121"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-300"
},
{
"db": "NVD",
"id": "CVE-2019-14868"
}
]
},
"id": "VAR-202004-0812",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-146857"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:22:46.394000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Harden env var imports",
"trust": 0.8,
"url": "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2"
},
{
"title": "Red Hat Enterprise Linux KornShell Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=109905"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015261"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-300"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.1
},
{
"problemtype": "CWE-74",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-146857"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015261"
},
{
"db": "NVD",
"id": "CVE-2019-14868"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://support.apple.com/kb/ht211170"
},
{
"trust": 2.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14868"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2020/may/53"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html"
},
{
"trust": 1.7,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=cve-2019-14868"
},
{
"trust": 1.7,
"url": "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/security/cve/cve-2019-14868"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2020:0431"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14868"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/errata/rhsa-2020:0559"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/errata/rhsa-2020:1333"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/errata/rhsa-2020:2210"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/errata/rhsa-2020:5351"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/errata/rhsa-2020:5352"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/errata/rhsa-2020:1332"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2020:0568"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2020:0515"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1772/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/157123/red-hat-security-advisory-2020-1333-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0539/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156218/red-hat-security-advisory-2020-0431-01.html"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/ksh-code-execution-via-environment-variables-arithmetic-expressions-31521"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4313/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0426/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/160376/red-hat-security-advisory-2020-5352-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0630/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0663/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156381/red-hat-security-advisory-2020-0515-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2463/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/157877/apple-security-advisory-2020-05-26-3.html"
},
{
"trust": 0.6,
"url": "https://support.apple.com/en-us/ht211170"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156502/red-hat-security-advisory-2020-0568-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/157769/red-hat-security-advisory-2020-2210-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1859/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156454/red-hat-security-advisory-2020-0559-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1223/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9809"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9813"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9795"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9822"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9804"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9826"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9814"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9811"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9792"
},
{
"trust": 0.1,
"url": "https://support.apple.com/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-3882"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9824"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9817"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9797"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9791"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9808"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9788"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9790"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9825"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9821"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9816"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9789"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20044"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-3878"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9815"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9793"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9794"
},
{
"trust": 0.1,
"url": "https://wojciechregula.blog)"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9812"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-146857"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015261"
},
{
"db": "PACKETSTORM",
"id": "156454"
},
{
"db": "PACKETSTORM",
"id": "157877"
},
{
"db": "PACKETSTORM",
"id": "157123"
},
{
"db": "PACKETSTORM",
"id": "157769"
},
{
"db": "PACKETSTORM",
"id": "160382"
},
{
"db": "PACKETSTORM",
"id": "160376"
},
{
"db": "PACKETSTORM",
"id": "157121"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-300"
},
{
"db": "NVD",
"id": "CVE-2019-14868"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-146857"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015261"
},
{
"db": "PACKETSTORM",
"id": "156454"
},
{
"db": "PACKETSTORM",
"id": "157877"
},
{
"db": "PACKETSTORM",
"id": "157123"
},
{
"db": "PACKETSTORM",
"id": "157769"
},
{
"db": "PACKETSTORM",
"id": "160382"
},
{
"db": "PACKETSTORM",
"id": "160376"
},
{
"db": "PACKETSTORM",
"id": "157121"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-300"
},
{
"db": "NVD",
"id": "CVE-2019-14868"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-146857"
},
{
"date": "2020-04-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015261"
},
{
"date": "2020-02-20T21:13:20",
"db": "PACKETSTORM",
"id": "156454"
},
{
"date": "2020-05-29T19:04:22",
"db": "PACKETSTORM",
"id": "157877"
},
{
"date": "2020-04-06T19:18:52",
"db": "PACKETSTORM",
"id": "157123"
},
{
"date": "2020-05-19T20:25:55",
"db": "PACKETSTORM",
"id": "157769"
},
{
"date": "2020-12-07T14:26:16",
"db": "PACKETSTORM",
"id": "160382"
},
{
"date": "2020-12-07T14:00:31",
"db": "PACKETSTORM",
"id": "160376"
},
{
"date": "2020-04-06T19:18:02",
"db": "PACKETSTORM",
"id": "157121"
},
{
"date": "2020-02-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-300"
},
{
"date": "2020-04-02T17:15:13.990000",
"db": "NVD",
"id": "CVE-2019-14868"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-12T00:00:00",
"db": "VULHUB",
"id": "VHN-146857"
},
{
"date": "2020-04-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015261"
},
{
"date": "2023-03-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-300"
},
{
"date": "2023-02-12T23:36:17.613000",
"db": "NVD",
"id": "CVE-2019-14868"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-300"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ksh Injection vulnerabilities in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015261"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "command injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-300"
}
],
"trust": 0.6
}
}
OPENSUSE-SU-2024:14252-1
Vulnerability from csaf_opensuse - Published: 2024-08-09 00:00 - Updated: 2024-08-09 00:00Summary
ksh-93vu-10.1 on GA media
Notes
Title of the patch
ksh-93vu-10.1 on GA media
Description of the patch
These are all security issues fixed in the ksh-93vu-10.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-14252
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "ksh-93vu-10.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the ksh-93vu-10.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-14252",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14252-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14868 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14868/"
}
],
"title": "ksh-93vu-10.1 on GA media",
"tracking": {
"current_release_date": "2024-08-09T00:00:00Z",
"generator": {
"date": "2024-08-09T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:14252-1",
"initial_release_date": "2024-08-09T00:00:00Z",
"revision_history": [
{
"date": "2024-08-09T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ksh-93vu-10.1.aarch64",
"product": {
"name": "ksh-93vu-10.1.aarch64",
"product_id": "ksh-93vu-10.1.aarch64"
}
},
{
"category": "product_version",
"name": "ksh-devel-93vu-10.1.aarch64",
"product": {
"name": "ksh-devel-93vu-10.1.aarch64",
"product_id": "ksh-devel-93vu-10.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-93vu-10.1.ppc64le",
"product": {
"name": "ksh-93vu-10.1.ppc64le",
"product_id": "ksh-93vu-10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ksh-devel-93vu-10.1.ppc64le",
"product": {
"name": "ksh-devel-93vu-10.1.ppc64le",
"product_id": "ksh-devel-93vu-10.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-93vu-10.1.s390x",
"product": {
"name": "ksh-93vu-10.1.s390x",
"product_id": "ksh-93vu-10.1.s390x"
}
},
{
"category": "product_version",
"name": "ksh-devel-93vu-10.1.s390x",
"product": {
"name": "ksh-devel-93vu-10.1.s390x",
"product_id": "ksh-devel-93vu-10.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ksh-93vu-10.1.x86_64",
"product": {
"name": "ksh-93vu-10.1.x86_64",
"product_id": "ksh-93vu-10.1.x86_64"
}
},
{
"category": "product_version",
"name": "ksh-devel-93vu-10.1.x86_64",
"product": {
"name": "ksh-devel-93vu-10.1.x86_64",
"product_id": "ksh-devel-93vu-10.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-93vu-10.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ksh-93vu-10.1.aarch64"
},
"product_reference": "ksh-93vu-10.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-93vu-10.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ksh-93vu-10.1.ppc64le"
},
"product_reference": "ksh-93vu-10.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-93vu-10.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ksh-93vu-10.1.s390x"
},
"product_reference": "ksh-93vu-10.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-93vu-10.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ksh-93vu-10.1.x86_64"
},
"product_reference": "ksh-93vu-10.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-devel-93vu-10.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ksh-devel-93vu-10.1.aarch64"
},
"product_reference": "ksh-devel-93vu-10.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-devel-93vu-10.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ksh-devel-93vu-10.1.ppc64le"
},
"product_reference": "ksh-devel-93vu-10.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-devel-93vu-10.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ksh-devel-93vu-10.1.s390x"
},
"product_reference": "ksh-devel-93vu-10.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ksh-devel-93vu-10.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ksh-devel-93vu-10.1.x86_64"
},
"product_reference": "ksh-devel-93vu-10.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14868"
}
],
"notes": [
{
"category": "general",
"text": "In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ksh-93vu-10.1.aarch64",
"openSUSE Tumbleweed:ksh-93vu-10.1.ppc64le",
"openSUSE Tumbleweed:ksh-93vu-10.1.s390x",
"openSUSE Tumbleweed:ksh-93vu-10.1.x86_64",
"openSUSE Tumbleweed:ksh-devel-93vu-10.1.aarch64",
"openSUSE Tumbleweed:ksh-devel-93vu-10.1.ppc64le",
"openSUSE Tumbleweed:ksh-devel-93vu-10.1.s390x",
"openSUSE Tumbleweed:ksh-devel-93vu-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14868",
"url": "https://www.suse.com/security/cve/CVE-2019-14868"
},
{
"category": "external",
"summary": "SUSE Bug 1160796 for CVE-2019-14868",
"url": "https://bugzilla.suse.com/1160796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ksh-93vu-10.1.aarch64",
"openSUSE Tumbleweed:ksh-93vu-10.1.ppc64le",
"openSUSE Tumbleweed:ksh-93vu-10.1.s390x",
"openSUSE Tumbleweed:ksh-93vu-10.1.x86_64",
"openSUSE Tumbleweed:ksh-devel-93vu-10.1.aarch64",
"openSUSE Tumbleweed:ksh-devel-93vu-10.1.ppc64le",
"openSUSE Tumbleweed:ksh-devel-93vu-10.1.s390x",
"openSUSE Tumbleweed:ksh-devel-93vu-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ksh-93vu-10.1.aarch64",
"openSUSE Tumbleweed:ksh-93vu-10.1.ppc64le",
"openSUSE Tumbleweed:ksh-93vu-10.1.s390x",
"openSUSE Tumbleweed:ksh-93vu-10.1.x86_64",
"openSUSE Tumbleweed:ksh-devel-93vu-10.1.aarch64",
"openSUSE Tumbleweed:ksh-devel-93vu-10.1.ppc64le",
"openSUSE Tumbleweed:ksh-devel-93vu-10.1.s390x",
"openSUSE Tumbleweed:ksh-devel-93vu-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-09T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-14868"
}
]
}
FKIE_CVE-2019-14868
Vulnerability from fkie_nvd - Published: 2020-04-02 17:15 - Updated: 2024-11-21 04:27
Severity ?
7.4 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ksh_project | ksh | 20120801 | |
| debian | debian_linux | 9.0 | |
| apple | mac_os_x | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ksh_project:ksh:20120801:*:*:*:*:*:*:*",
"matchCriteriaId": "C453FD9C-7375-4E2E-84AD-ABC3CC786153",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99973242-A249-4C34-B042-5F833AE73708",
"versionEndExcluding": "10.15.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely."
},
{
"lang": "es",
"value": "En ksh versi\u00f3n 20120801, se detect\u00f3 un fallo en la manera que eval\u00faa determinadas variables de entorno. Un atacante podr\u00eda usar este fallo para anular u omitir unas restricciones del entorno para ejecutar comandos de shell. Los servicios y las aplicaciones permiten a atacantes remotos no autenticados proporcionar una de esas variables de entorno que podr\u00edan permitirles explotar este problema remotamente."
}
],
"id": "CVE-2019-14868",
"lastModified": "2024-11-21T04:27:32.553",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.4,
"impactScore": 5.9,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-02T17:15:13.990",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/May/53"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT211170"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/May/53"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT211170"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "secalert@redhat.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
GHSA-2X84-7422-962R
Vulnerability from github – Published: 2022-05-24 17:13 – Updated: 2023-02-02 15:30
VLAI?
Details
In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.
Severity ?
7.8 (High)
{
"affected": [],
"aliases": [
"CVE-2019-14868"
],
"database_specific": {
"cwe_ids": [
"CWE-77"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-04-02T17:15:00Z",
"severity": "HIGH"
},
"details": "In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.",
"id": "GHSA-2x84-7422-962r",
"modified": "2023-02-02T15:30:28Z",
"published": "2022-05-24T17:13:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14868"
},
{
"type": "WEB",
"url": "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:0431"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:0515"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:0559"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:0568"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:1332"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:1333"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:2210"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:5351"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:5352"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2019-14868"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT211170"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2020/May/53"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2019-14868
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-14868",
"description": "In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.",
"id": "GSD-2019-14868",
"references": [
"https://www.suse.com/security/cve/CVE-2019-14868.html",
"https://access.redhat.com/errata/RHSA-2020:5352",
"https://access.redhat.com/errata/RHSA-2020:5351",
"https://access.redhat.com/errata/RHSA-2020:2210",
"https://access.redhat.com/errata/RHSA-2020:1333",
"https://access.redhat.com/errata/RHSA-2020:1332",
"https://access.redhat.com/errata/RHSA-2020:0568",
"https://access.redhat.com/errata/RHSA-2020:0559",
"https://access.redhat.com/errata/RHSA-2020:0515",
"https://access.redhat.com/errata/RHSA-2020:0431",
"https://advisories.mageia.org/CVE-2019-14868.html",
"https://security.archlinux.org/CVE-2019-14868",
"https://linux.oracle.com/cve/CVE-2019-14868.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-14868"
],
"details": "In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.",
"id": "GSD-2019-14868",
"modified": "2023-12-13T01:23:53.224994Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2019-14868",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ksh",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20120801"
}
]
}
}
]
},
"vendor_name": "KornShell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely."
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-77",
"lang": "eng",
"value": "CWE-77"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/kb/HT211170",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211170"
},
{
"name": "http://seclists.org/fulldisclosure/2020/May/53",
"refsource": "MISC",
"url": "http://seclists.org/fulldisclosure/2020/May/53"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868"
},
{
"name": "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2",
"refsource": "MISC",
"url": "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html",
"refsource": "MISC",
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ksh_project:ksh:20120801:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.15.5",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2019-14868"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868"
},
{
"name": "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2"
},
{
"name": "https://support.apple.com/kb/HT211170",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT211170"
},
{
"name": "20200529 APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra",
"refsource": "FULLDISC",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/May/53"
},
{
"name": "[debian-lts-announce] 20200720 [SECURITY] [DLA 2284-1] ksh security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2023-02-12T23:36Z",
"publishedDate": "2020-04-02T17:15Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…