[Touch-packages] [Bug 1378071] Re: bash crashed with SIGSEGV in strlen()
This should be fixed now by:
http://www.ubuntu.com/usn/usn-2380-1/

** Changed in: bash (Ubuntu)
       Status: New => Fix Released

--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to bash in Ubuntu.
https://bugs.launchpad.net/bugs/1378071

Title:
  bash crashed with SIGSEGV in strlen()

Status in “bash” package in Ubuntu:
  Fix Released

Bug description:
  Tried to run vulnerability tester for ShellShock:
  curl https://shellshocker.net/shellshock_test.sh | bash

  ProblemType: Crash
  DistroRelease: Ubuntu 14.10
  Package: bash 4.3-10ubuntu1
  ProcVersionSignature: Ubuntu 3.16.0-20.27-generic 3.16.3
  Uname: Linux 3.16.0-20-generic x86_64
  ApportVersion: 2.14.7-0ubuntu3
  Architecture: amd64
  Date: Mon Oct 6 15:20:52 2014
  ExecutablePath: /bin/bash
  InstallationDate: Installed on 2014-10-03 (3 days ago)
  InstallationMedia: Xubuntu 14.10 Utopic Unicorn - Alpha amd64 (20140923)
  ProcCmdline: bash -c f()\ {\ x()\ {\ _;};\ x()\ {\ _;}\ a;\ }
  ProcEnviron:
   TERM=xterm
   SHELL=/bin/bash
   PATH=(custom, no user)
   LANG=en_US.UTF-8
  SegvAnalysis:
   Segfault happened at: 0x7fa67ca5c564 strlen+148: pcmpeqb (%rax),%xmm8
   PC (0x7fa67ca5c564) ok
   source (%rax) (0xdfdfdfdfdfdfdfc0) not located in a known VMA region (needed readable region)!
   destination %xmm8 ok
  SegvReason: reading unknown VMA
  Signal: 11
  SourcePackage: bash
  StacktraceTop:
   strlen () at ../sysdeps/x86_64/strlen.S:137
   copy_redirect ()
   copy_redirects ()
   copy_command ()
   copy_function_def_contents ()
  Title: bash crashed with SIGSEGV in strlen()
  UpgradeStatus: No upgrade log present (probably fresh install)
  UserGroups:

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1378071/+subscriptions

--
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1378071] Re: bash crashed with SIGSEGV in strlen()
With the prefix+suffix patches, this can no longer be exploited across
privilege boundaries; we'll likely include these fixes at some point in
the future but don't consider them a pressing issue any longer.

For more details please see our CVE tracker:
http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-6277.html

Thanks

** Information type changed from Private Security to Public Security

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-6277

--
https://bugs.launchpad.net/bugs/1378071

Status in “bash” package in Ubuntu:
  New
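
One way to confirm that a given bash carries the prefix+suffix hardening mentioned in the message above, as an added example that is not part of the original message or of Ubuntu's tooling. It assumes the upstream encoding, in which exported functions travel in variables named BASH_FUNC_<name>%%; the names bash_function_import_mode and gr_probe are hypothetical.

```shell
# Added example: report how a bash binary treats function definitions that
# arrive through the environment. The probe function body is a no-op.
#   legacy   - a plain variable whose value starts with "() {" becomes a function
#   prefixed - only variables named BASH_FUNC_<name>%% are imported (hardened)
#   unknown  - neither behaviour observed (for example another vendor encoding)
bash_function_import_mode() {
    fi_bash=${1:-bash}
    command -v "$fi_bash" >/dev/null 2>&1 || { echo "no-bash"; return 2; }

    # Step 1: hand bash an ordinary variable that looks like a function.
    # A hardened bash keeps it as a string, so declare -F fails.
    if env 'gr_probe=() { :; }' "$fi_bash" -c 'declare -F gr_probe' \
        >/dev/null 2>&1; then
        echo "legacy"
        return 1
    fi

    # Step 2: export a real function and check the name it is given in the
    # child environment.
    if "$fi_bash" -c 'gr_probe() { :; }; export -f gr_probe; env' 2>/dev/null |
        grep -q '^BASH_FUNC_gr_probe%%='; then
        echo "prefixed"
        return 0
    fi

    echo "unknown"
    return 1
}

# Check the bash found on PATH; pass a path to check another binary.
bash_function_import_mode || true
```

A result of "legacy" means values of attacker-influenced variables can still reach the function parser, which is the code path shown in the stack trace of this bug.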
[Touch-packages] [Bug 1378071] Re: bash crashed with SIGSEGV in strlen()
Also, please, no one ever run any command along the line of
curl foo | bash -- a malicious web server could easily give some
friendly-looking content to a web browser but malware payload to curl.

Download the script, read the script, validate published signatures, and
only then execute the script directly if you still trust it.

--
https://bugs.launchpad.net/bugs/1378071

Status in “bash” package in Ubuntu:
  New
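
The download, read, validate, execute sequence from the message above, as an added example that is not part of the original message. A SHA-256 digest recorded at review time stands in for the publisher's signature, and the names run_if_verified, sha256_of and installer.sh are hypothetical.

```shell
# Added example. The download step (not run here) saves to a file instead of
# piping into a shell:   curl -fsSLo installer.sh "$URL"
# Where the publisher ships a detached signature, check it first with
#   gpg --verify installer.sh.sig installer.sh
sha256_of() { sha256sum "$1" | cut -d' ' -f1; }

# run_if_verified FILE REVIEWED_SHA256 [ARGS...]
# Runs FILE only if it still matches the digest recorded when it was read.
# Returns 1 on mismatch, 2 if the file cannot be read.
run_if_verified() {
    rv_file=$1
    rv_want=$2
    shift 2
    [ -f "$rv_file" ] || { echo "missing: $rv_file" >&2; return 2; }
    # Hash and execute one private copy, so the bytes checked are the bytes run.
    rv_copy=$(mktemp) || return 2
    cp -- "$rv_file" "$rv_copy" || { rm -f "$rv_copy"; return 2; }
    rv_got=$(sha256_of "$rv_copy")
    if [ "$rv_got" != "$rv_want" ]; then
        echo "refusing to run $rv_file: $rv_got is not the reviewed digest" >&2
        rm -f "$rv_copy"
        return 1
    fi
    rv_status=0
    sh "$rv_copy" "$@" || rv_status=$?
    rm -f "$rv_copy"
    return "$rv_status"
}

# Constructed sample: a script as reviewed, then the same file after a change.
demo_dir=$(mktemp -d)
printf 'echo "hello from the reviewed script"\n' > "$demo_dir/installer.sh"
reviewed=$(sha256_of "$demo_dir/installer.sh")
run_if_verified "$demo_dir/installer.sh" "$reviewed"
printf 'echo "line added after review"\n' >> "$demo_dir/installer.sh"
run_if_verified "$demo_dir/installer.sh" "$reviewed" || echo "blocked (status $?)"
rm -rf "$demo_dir"
```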