edit-icon download-icon

[Vulnerability notice] CVE-2016-7543: GNU Bash local command execution vulnerability

Last Updated: Mar 19, 2018

CVE identifier

CVE-2016-7543

Vulnerability name

GNU Bash local command execution vulnerability

Vulnerability rating

High

Vulnerability description

Bash versions earlier than 4.4 are prone to this vulnerability. A local user can exploit this vulnerability by constructing the SHELLOPTS and PS4 environment variables to run arbitrary commands with the root privilege.

Condition and method of exploitation

Local exploitation.

Affected scope

  • GNU bash 3.1.4
  • GNU bash 3.0.16
  • GNU bash 2.3
  • GNU bash 2.2.1
  • GNU bash 2.2
  • GNU bash 2.1
  • GNU bash 2.0
  • GNU bash 1.14.5
  • GNU bash 1.14.3
  • GNU bash 1.14.2
  • GNU bash 1.14.1
  • GNU bash 1.14
  • GNU bash 4.3
  • GNU bash 4.2
  • GNU bash 4.1
  • GNU bash 4.0
  • GNU bash 3.2.48
  • GNU bash 3.2
  • GNU bash 2.05
  • GNU bash 2.04
  • GNU bash 2.03
  • GNU bash 2.02
  • GNU bash 2.01.1
  • GNU bash 2.01
  • GNU bash 1.14.7
  • GNU bash 1.14.6
  • GNU bash 1.14.4

Vulnerability detection

Use Alibaba Cloud Security Server Guard to detect this vulnerability.

  1. Log on to the Alibaba Cloud Security Server Guard console.

  2. Go to Server List.

  3. Select the target server and click Detect.

Note: Currently, only the professional and later versions support the detection function. These versions are paid services.

How to fix or mitigate

An official patch has been released to fix this vulnerability. You can download the patch on the vendor’s website.

Reference

[1]. http://www.linuxidc.com/Linux/2017-01/139740.htm
[2]. https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7543 -

Thank you! We've received your feedback.