I meant to include this test run:
(stretch-amd64-default)root@silverfish:/home/brian# SHLVL='2#11+x[$(/bin/echo
DANGER WILL ROBINSON >&2)0]' /usr/bin/ksh
Segmentation fault
DANGER WILL ROBINSON
As in no echo command is required.
Below is the full stack trace of the segfault (recompiled
Ola Lundqvist writes:
> Interesting. I wonder how I concluded that it was just arithmetic
> expressions. Do you want me to re-check it?
Yes please, might be a good idea.
> Segmentation faults can be problematic too, but it looks like we have
> some protection against this CVE already. The