bug-bash
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Use-After-Free in Bash


From: Eduardo Bustamante
Subject: Re: Use-After-Free in Bash
Date: Tue, 30 Oct 2018 18:19:34 -0700

On Tue, Oct 30, 2018 at 1:03 PM Corbin Souffrant
<corbin.souffrant@gmail.com> wrote:
(...)
> I found a reproducible use-after-free in every version of Bash from
> 4.4-5.0beta, that could potentially be used to escape restricted mode. I
> say potentially, because I can get it to crash in restricted mode, but I
> haven't gone through the effort of attempting to heap spray to overwrite
> function pointers.

Disclaimer: I'm not a maintainer.

Did you check the `devel' branch in the git repository?

I don't think the restricted mode is really advertised as a powerful
security feature, so IMO you should be able to report it here. If
you're worried though, you can always email Chet Ramey directly.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]