Novell Home

CVE-2012-3410

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2012-3410 at MITRE

Description

Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled when expanding the /dev/fd prefix.

NVD CVSS v2 Base Score: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)

Novell/SUSE information

Novell Bugzilla entry: 770795, 826692

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE CORE 9 for AMD64 and Intel EM64T
  • bash >= 2.05b-305.23
  • readline >= 4.3-306.21
  • readline-32bit >= 9-201207131337
  • readline-devel >= 4.3-306.21
  • readline-devel-32bit >= 9-201207131337
Builds
YOU Patch Nr: 12900
SUSE Linux Enterprise Desktop 10 SP4 for x86
SUSE Linux Enterprise Server 10 SP4 for x86
  • bash >= 3.1-24.30.1
  • readline >= 5.1-24.30.1
  • readline-devel >= 5.1-24.30.1
sles10-sp4.s390x
sled10-sp4.x86-64
sles10-sp4.x86
sles10-sp4.x86-64
sled10-sp4.x86
sles10-sp4.ia64
sles10-sp4.ppc
ZYPP Patch Nr: 8217
SUSE Linux Enterprise Server 10 SP4 for IPF
  • bash >= 3.1-24.30.1
  • bash-x86 >= 3.1-24.30.1
  • readline >= 5.1-24.30.1
  • readline-devel >= 5.1-24.30.1
  • readline-x86 >= 5.1-24.30.1
sles10-sp4.s390x
sled10-sp4.x86-64
sles10-sp4.x86
sles10-sp4.x86-64
sled10-sp4.x86
sles10-sp4.ia64
sles10-sp4.ppc
ZYPP Patch Nr: 8217
SUSE Linux Enterprise Server 10 SP4 for IBM POWER
  • bash >= 3.1-24.30.1
  • readline >= 5.1-24.30.1
  • readline-64bit >= 5.1-24.30.1
  • readline-devel >= 5.1-24.30.1
  • readline-devel-64bit >= 5.1-24.30.1
sles10-sp4.s390x
sled10-sp4.x86-64
sles10-sp4.x86
sles10-sp4.x86-64
sled10-sp4.x86
sles10-sp4.ia64
sles10-sp4.ppc
ZYPP Patch Nr: 8217
SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP4 for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP4 for IBM zSeries 64bit
  • bash >= 3.1-24.30.1
  • readline >= 5.1-24.30.1
  • readline-32bit >= 5.1-24.30.1
  • readline-devel >= 5.1-24.30.1
  • readline-devel-32bit >= 5.1-24.30.1
sles10-sp4.s390x
sled10-sp4.x86-64
sles10-sp4.x86
sles10-sp4.x86-64
sled10-sp4.x86
sles10-sp4.ia64
sles10-sp4.ppc
ZYPP Patch Nr: 8217
SLE 11 SP1 DEBUGINFO
  • bash-debuginfo >= 3.2-147.12.1
  • bash-debuginfo-x86 >= 3.2-147.12.1
  • bash-debugsource >= 3.2-147.12.1
sles11-sp2.x86-64
sle11-sp1-sdk.x86
sle11-sp2-sdk.ia64
sles11-sp1.ppc
sles11-sp2.s390x
sle11-sp2-sdk.x86
sles11-sp1-vmware.x86
sled11-sp2.x86
sle11-sp1-sdk.s390x
sle11-sp1-sdk.x86-64
sles11-sp1.x86-64
sles11-sp2.ppc
sle11-sp2-sdk.s390x
sled11-sp1.x86-64
sles11-sp1-vmware.x86-64
sles11-sp2.ia64
sles11-sp1.s390x
sle11-sp1-sdk.ppc
sled11-sp2.x86-64
sles11-sp2.x86
sle11-sp2-sdk.x86-64
sle11-sp1-sdk.ia64
sle11-sp2-sdk.ppc
sles11-sp1.ia64
sles11-sp1.x86
sled11-sp1.x86
SAT Patch Nr: 6541
SLE 11 SP1 DEBUGINFO
  • bash-debuginfo >= 3.2-147.12.1
  • bash-debugsource >= 3.2-147.12.1
sles11-sp2.x86-64
sle11-sp1-sdk.x86
sle11-sp2-sdk.ia64
sles11-sp1.ppc
sles11-sp2.s390x
sle11-sp2-sdk.x86
sles11-sp1-vmware.x86
sled11-sp2.x86
sle11-sp1-sdk.s390x
sle11-sp1-sdk.x86-64
sles11-sp1.x86-64
sles11-sp2.ppc
sle11-sp2-sdk.s390x
sled11-sp1.x86-64
sles11-sp1-vmware.x86-64
sles11-sp2.ia64
sles11-sp1.s390x
sle11-sp1-sdk.ppc
sled11-sp2.x86-64
sles11-sp2.x86
sle11-sp2-sdk.x86-64
sle11-sp1-sdk.ia64
sle11-sp2-sdk.ppc
sles11-sp1.ia64
sles11-sp1.x86
sled11-sp1.x86
SAT Patch Nr: 6541
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Software Development Kit 11 SP2
  • readline-devel >= 5.2-147.12.1
sles11-sp2.x86-64
sle11-sp1-sdk.x86
sle11-sp2-sdk.ia64
sles11-sp1.ppc
sles11-sp2.s390x
sle11-sp2-sdk.x86
sles11-sp1-vmware.x86
sled11-sp2.x86
sle11-sp1-sdk.s390x
sle11-sp1-sdk.x86-64
sles11-sp1.x86-64
sles11-sp2.ppc
sle11-sp2-sdk.s390x
sled11-sp1.x86-64
sles11-sp1-vmware.x86-64
sles11-sp2.ia64
sles11-sp1.s390x
sle11-sp1-sdk.ppc
sled11-sp2.x86-64
sles11-sp2.x86
sle11-sp2-sdk.x86-64
sle11-sp1-sdk.ia64
sle11-sp2-sdk.ppc
sles11-sp1.ia64
sles11-sp1.x86
sled11-sp1.x86
SAT Patch Nr: 6541
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Software Development Kit 11 SP2
  • readline-devel >= 5.2-147.12.1
  • readline-devel-32bit >= 5.2-147.12.1
sles11-sp2.x86-64
sle11-sp1-sdk.x86
sle11-sp2-sdk.ia64
sles11-sp1.ppc
sles11-sp2.s390x
sle11-sp2-sdk.x86
sles11-sp1-vmware.x86
sled11-sp2.x86
sle11-sp1-sdk.s390x
sle11-sp1-sdk.x86-64
sles11-sp1.x86-64
sles11-sp2.ppc
sle11-sp2-sdk.s390x
sled11-sp1.x86-64
sles11-sp1-vmware.x86-64
sles11-sp2.ia64
sles11-sp1.s390x
sle11-sp1-sdk.ppc
sled11-sp2.x86-64
sles11-sp2.x86
sle11-sp2-sdk.x86-64
sle11-sp1-sdk.ia64
sle11-sp2-sdk.ppc
sles11-sp1.ia64
sles11-sp1.x86
sled11-sp1.x86
SAT Patch Nr: 6541
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Software Development Kit 11 SP2
  • libreadline5 >= 5.2-147.12.1
  • readline-devel >= 5.2-147.12.1
sles11-sp2.x86-64
sle11-sp1-sdk.x86
sle11-sp2-sdk.ia64
sles11-sp1.ppc
sles11-sp2.s390x
sle11-sp2-sdk.x86
sles11-sp1-vmware.x86
sled11-sp2.x86
sle11-sp1-sdk.s390x
sle11-sp1-sdk.x86-64
sles11-sp1.x86-64
sles11-sp2.ppc
sle11-sp2-sdk.s390x
sled11-sp1.x86-64
sles11-sp1-vmware.x86-64
sles11-sp2.ia64
sles11-sp1.s390x
sle11-sp1-sdk.ppc
sled11-sp2.x86-64
sles11-sp2.x86
sle11-sp2-sdk.x86-64
sle11-sp1-sdk.ia64
sle11-sp2-sdk.ppc
sles11-sp1.ia64
sles11-sp1.x86
sled11-sp1.x86
SAT Patch Nr: 6541
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Software Development Kit 11 SP2
  • libreadline5 >= 5.2-147.12.1
  • readline-devel >= 5.2-147.12.1
  • readline-devel-32bit >= 5.2-147.12.1
sles11-sp2.x86-64
sle11-sp1-sdk.x86
sle11-sp2-sdk.ia64
sles11-sp1.ppc
sles11-sp2.s390x
sle11-sp2-sdk.x86
sles11-sp1-vmware.x86
sled11-sp2.x86
sle11-sp1-sdk.s390x
sle11-sp1-sdk.x86-64
sles11-sp1.x86-64
sles11-sp2.ppc
sle11-sp2-sdk.s390x
sled11-sp1.x86-64
sles11-sp1-vmware.x86-64
sles11-sp2.ia64
sles11-sp1.s390x
sle11-sp1-sdk.ppc
sled11-sp2.x86-64
sles11-sp2.x86
sle11-sp2-sdk.x86-64
sle11-sp1-sdk.ia64
sle11-sp2-sdk.ppc
sles11-sp1.ia64
sles11-sp1.x86
sled11-sp1.x86
SAT Patch Nr: 6541
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP2
  • bash >= 3.2-147.12.1
  • bash-doc >= 3.2-147.12.1
  • libreadline5 >= 5.2-147.12.1
  • readline-doc >= 5.2-147.12.1
sles11-sp2.x86-64
sle11-sp1-sdk.x86
sle11-sp2-sdk.ia64
sles11-sp1.ppc
sles11-sp2.s390x
sle11-sp2-sdk.x86
sles11-sp1-vmware.x86
sled11-sp2.x86
sle11-sp1-sdk.s390x
sle11-sp1-sdk.x86-64
sles11-sp1.x86-64
sles11-sp2.ppc
sle11-sp2-sdk.s390x
sled11-sp1.x86-64
sles11-sp1-vmware.x86-64
sles11-sp2.ia64
sles11-sp1.s390x
sle11-sp1-sdk.ppc
sled11-sp2.x86-64
sles11-sp2.x86
sle11-sp2-sdk.x86-64
sle11-sp1-sdk.ia64
sle11-sp2-sdk.ppc
sles11-sp1.ia64
sles11-sp1.x86
sled11-sp1.x86
SAT Patch Nr: 6541
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP2
  • bash >= 3.2-147.12.1
  • bash-doc >= 3.2-147.12.1
  • bash-x86 >= 3.2-147.12.1
  • libreadline5 >= 5.2-147.12.1
  • libreadline5-x86 >= 5.2-147.12.1
  • readline-doc >= 5.2-147.12.1
sles11-sp2.x86-64
sle11-sp1-sdk.x86
sle11-sp2-sdk.ia64
sles11-sp1.ppc
sles11-sp2.s390x
sle11-sp2-sdk.x86
sles11-sp1-vmware.x86
sled11-sp2.x86
sle11-sp1-sdk.s390x
sle11-sp1-sdk.x86-64
sles11-sp1.x86-64
sles11-sp2.ppc
sle11-sp2-sdk.s390x
sled11-sp1.x86-64
sles11-sp1-vmware.x86-64
sles11-sp2.ia64
sles11-sp1.s390x
sle11-sp1-sdk.ppc
sled11-sp2.x86-64
sles11-sp2.x86
sle11-sp2-sdk.x86-64
sle11-sp1-sdk.ia64
sle11-sp2-sdk.ppc
sles11-sp1.ia64
sles11-sp1.x86
sled11-sp1.x86
SAT Patch Nr: 6541
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP2
  • bash >= 3.2-147.12.1
  • bash-doc >= 3.2-147.12.1
  • libreadline5 >= 5.2-147.12.1
  • libreadline5-32bit >= 5.2-147.12.1
  • readline-doc >= 5.2-147.12.1
sles11-sp2.x86-64
sle11-sp1-sdk.x86
sle11-sp2-sdk.ia64
sles11-sp1.ppc
sles11-sp2.s390x
sle11-sp2-sdk.x86
sles11-sp1-vmware.x86
sled11-sp2.x86
sle11-sp1-sdk.s390x
sle11-sp1-sdk.x86-64
sles11-sp1.x86-64
sles11-sp2.ppc
sle11-sp2-sdk.s390x
sled11-sp1.x86-64
sles11-sp1-vmware.x86-64
sles11-sp2.ia64
sles11-sp1.s390x
sle11-sp1-sdk.ppc
sled11-sp2.x86-64
sles11-sp2.x86
sle11-sp2-sdk.x86-64
sle11-sp1-sdk.ia64
sle11-sp2-sdk.ppc
sles11-sp1.ia64
sles11-sp1.x86
sled11-sp1.x86
SAT Patch Nr: 6541

List of products where fixes are in QA

SUSE Linux Enterprise Server 10 SP3 LTSS for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP3 LTSS for IBM zSeries 64bit
SUSE Linux Enterprise Server 10 SP3 LTSS for x86

© 2014 Novell