oss-sec mailing list archives
Re: CVE request: freebsd/sh stack overflow vulnerability
From: Mark Felder <feld () feld me>
Date: Mon, 13 Apr 2015 10:17:27 -0500
On Tue, Mar 31, 2015, at 05:42, wzt wzt wrote:
hi: I found sh have a stack overflow bug on freebsd(9.0-10.0), it may be triggered on all freebsd systems, but i have not tested yet. the poc below is tested on freebsd10.0 amd64 arch:
I brought this to the attention of jilles@, the current sh(1) maintainer in FreeBSD. He responded: "Since unset command is equivalent to unset -v command in our sh, this is equivalent to sh -c 'f() { f; }; f', and not a vulnerability."
Current thread:
- Re: CVE request: freebsd/sh stack overflow vulnerability Mark Felder (Apr 13)