This is now fixed:
http://www.ubuntu.com/usn/usn-2364-1/
** Changed in: bash (Ubuntu Precise)
Status: Confirmed = Fix Released
** Changed in: bash (Ubuntu Trusty)
Status: Confirmed = Fix Released
** Changed in: bash (Ubuntu Lucid)
Status: Confirmed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to bash in Ubuntu.
https://bugs.launchpad.net/bugs/1374375
Title:
CVE-2014-7186: bash crashed with SIGSEGV in list_reverse()
Status in “bash” package in Ubuntu:
Fix Committed
Status in “bash” source package in Lucid:
Fix Released
Status in “bash” source package in Precise:
Fix Released
Status in “bash” source package in Trusty:
Fix Released
Status in “bash” source package in Utopic:
Fix Committed
Bug description:
Reproduced with
bash -c 'true EOF EOF EOF EOF EOF EOF EOF EOF EOF
EOF EOF EOF EOF EOF EOF EOF EOF EOF'
http://seclists.org/oss-sec/2014/q3/712
ProblemType: Crash
DistroRelease: Ubuntu 14.10
Package: bash 4.3-9ubuntu2
ProcVersionSignature: Ubuntu 3.16.0-17.23-generic 3.16.3
Uname: Linux 3.16.0-17-generic x86_64
NonfreeKernelModules: openafs
ApportVersion: 2.14.7-0ubuntu2
Architecture: amd64
CurrentDesktop: GNOME
Date: Fri Sep 26 05:42:50 2014
EcryptfsInUse: Yes
ExecutablePath: /bin/bash
InstallationDate: Installed on 2014-08-22 (35 days ago)
InstallationMedia: Ubuntu-GNOME 14.10 Utopic Unicorn - Alpha amd64
(20140730)
ProcCmdline: bash -c true\ EOF\ EOF\ EOF\ EOF\ EOF\ EOF\ EOF\
EOF\ EOF\ EOF\ EOF\ EOF\ EOF\ EOF\ EOF\ EOF\ EOF\ EOF
SegvAnalysis:
Segfault happened at: 0x46cfc3 list_reverse+19:mov(%rax),%rdx
PC (0x0046cfc3) ok
source (%rax) (0x3c3c20464f453c3c) not located in a known VMA region
(needed readable region)!
destination %rdx ok
SegvReason: reading unknown VMA
Signal: 11
SourcePackage: bash
StacktraceTop:
list_reverse ()
clean_simple_command ()
yyparse ()
parse_command ()
parse_and_execute ()
Title: bash crashed with SIGSEGV in list_reverse()
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: adm bumblebee cdrom dip libvirtd lpadmin plugdev sambashare sudo
wireshark
modified.conffile..etc.bash.bashrc: [modified]
mtime.conffile..etc.bash.bashrc: 2014-03-27T19:05:55
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1374375/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp