Advisories ยป MGASA-2016-0393

Updated bash packages fix security vulnerability

Publication date: 21 Nov 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-0634 , CVE-2016-7543


A vulnerability was found in a way bash expands the $HOSTNAME. Injecting
the hostname with malicious code would cause it to run each time bash
expanded \h in the prompt string (CVE-2016-0634).

Shells running as root inherited PS4 from the environment, allowing PS4
expansion performing command substitution. Local attacker could gain
arbitrary code execution via bogus setuid binaries using system()/popen()
by specially crafting SHELLOPTS+PS4 environment variables (CVE-2016-7543)