CVE-2019-20044

Updated: 2023-11-07 19:06:06.419328

Description:

In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite the saved uid, so the original privileges can be restored by executing MODULE_PATH=/dir/with/module zmodload with a module that calls setuid().
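A defender-side check for the condition described above, as an added example that is not code from Zsh or from this advisory: it reads the `Uid:` and `Gid:` lines of a Linux `/proc/<pid>/status` file (real, effective, saved, filesystem IDs) and reports whether a real or saved ID still differs from the effective one. The function names and the sample text are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample (not captured from a real system): effective uid is
 * 1000 but the saved uid is still 0, i.e. the drop left the saved uid alone. */
static const char SAMPLE_STATUS[] =
    "Name:\tzsh\nUid:\t1000\t1000\t0\t1000\nGid:\t1000\t1000\t1000\t1000\n";

/* Find the line starting with key ("Uid:" or "Gid:") and parse its four IDs:
 * real, effective, saved, filesystem. Returns 0 on success, -1 otherwise. */
int parse_ids(const char *status, const char *key, unsigned ids[4])
{
    size_t klen = strlen(key);
    for (const char *p = status; p && *p; ) {
        if (strncmp(p, key, klen) == 0)
            return sscanf(p + klen, "%u %u %u %u",
                          &ids[0], &ids[1], &ids[2], &ids[3]) == 4 ? 0 : -1;
        p = strchr(p, '\n');          /* advance to the start of the next line */
        if (p) p++;
    }
    return -1;
}

/* 1 = real or saved ID differs from the effective ID (the drop is reversible),
 * 0 = all three match, -1 = line missing or malformed. */
int ids_retained(const char *status, const char *key)
{
    unsigned ids[4];
    if (parse_ids(status, key, ids) != 0) return -1;
    return (ids[0] != ids[1] || ids[2] != ids[1]) ? 1 : 0;
}

/* Apply the check to a live process. Returns 1, 0 or -1 as above. */
int check_pid(long pid)
{
    char path[64], buf[4096];
    snprintf(path, sizeof path, "/proc/%ld/status", pid);
    FILE *f = fopen(path, "r");
    if (!f) return -1;
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    int u = ids_retained(buf, "Uid:"), g = ids_retained(buf, "Gid:");
    return (u < 0 || g < 0) ? -1 : (u || g);
}

int main(int argc, char **argv)
{
    printf("sample: uid retained=%d\n", ids_retained(SAMPLE_STATUS, "Uid:"));
    if (argc > 1) printf("pid %s: %d\n", argv[1], check_pid(strtol(argv[1], NULL, 10)));
    return 0;
}
```

A result of 1 is expected for ordinary setuid programs that have not yet dropped privileges; it is a finding only for a process that is supposed to have dropped them already.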



Severity

| Version | Severity | Score |
|---|---|---|
| CVSS Version 2.x | HIGH | 7.2 |
| CVSS Version 3.x | HIGH | 7.8 |

Status

| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated |
|---|---|---|---|---|---|---|---|
| Ubuntu 16.04 ELS | zsh | 5.1.1-1 | 7.8 | HIGH | Released | CLSA-2022:1648138003 | 2022-03-24 18:56:27 |
| Ubuntu 16.04 ELS | linux-hwe | 4.15.0 | 7.8 | HIGH | Not Vulnerable | | 2022-10-04 14:02:37 |
| Ubuntu 16.04 ELS | linux | 4.4.0 | 7.8 | HIGH | Not Vulnerable | | 2022-04-11 16:02:48 |