On 5/30/24 12:53 AM, B_M wrote:
Hello, I have discovered a severe heap overflow vulnerability in Bash,
which exists in both the latest and older versions. Attackers can craft
payloads to elevate privileges or execute malicious code. Should I directly
submit it to the CVE website, or should I send
Hello, I have discovered a severe heap overflow vulnerability in Bash,
which exists in both the latest and older versions. Attackers can craft
payloads to elevate privileges or execute malicious code. Should I directly
submit it to the CVE website, or should I send it to you? If I send it to
you, c
On 8/30/22 1:05 PM, Иван Капранов wrote:
Bash Version: 5.1
Patch Level: 16
Release Status: release
Hi! I was fuzzing bash with AFL++ and found stack overflow.
Yes, if you word-expand a string that specifies that an identical word
expansion be performed, you're goi
and found stack overflow.
Description:
A recursive call to a chain of functions leads to a stack overflow and
a program crash (segmentation fault).
Asan report:
Address sanitizer report:
==693300==ERROR: AddressSanitizer: stack-overflow on address 0x7ffe7a72f970 (pc
0x7f1bc73f7620
* Chet Ramey , 2020-08-03, 09:15:
On 8/3/20 5:30 AM, Jakub Wilk wrote:
Bash Version: 5.0
Patch Level: 18
Release Status: release
bash crashes with stack overflow when checking syntax of this crafted script:
$ ulimit -s
8192
$ printf 'x[$(($(fi)))`\n%05d\n][`]\n' | tr 0
On 8/3/20 5:30 AM, Jakub Wilk wrote:
> Bash Version: 5.0
> Patch Level: 18
> Release Status: release
>
> bash crashes with stack overflow when checking syntax of this crafted script:
>
> $ ulimit -s
> 8192
>
> $ printf 'x[$(($(fi)))`\n%05d\n][
Status: release
bash crashes with stack overflow when checking syntax of this crafted script:
$ ulimit -s
8192
$ printf 'x[$(($(fi)))`\n%05d\n][`]\n' | tr 0 '(' | bash -n
bash: command substitution: line 4: syntax error near unexpected token `fi'
bash: com
