Heap-buffer Overflow in Bash Package Affecting Red Hat Products
CVE-2022-3715

7.8HIGH

Key Information:

Vendor: Gnu
Status: Bash
Vendor: CVE Published:; 5 January 2023

Summary

A flaw in the bash package has been identified that allows for a heap-buffer overflow during the parameter transform phase. This vulnerability could lead to various memory-related problems, potentially affecting system stability and performance. Users of affected versions should take necessary precautions and apply updates to safeguard against exploitation.

Affected Version(s)

bash bash 5.1.8

References

https://bugzilla.redhat.com/show_bug.cgi?id=2126720

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 5, 2023
Vulnerability Reserved
Oct 27, 2022