Home

CVE-2019-20044

Description

In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite the saved uid, so the original privileges can be restored by executing MODULE_PATH=/dir/with/module zmodload with a module that calls setuid().

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.068

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities are fixed in MacOS Catalina 10.15.5Mac
Multiple vulnerabilities are fixed in macOS Catalina 10.15.5 Combo UpdateMac
Multiple vulnerabilities are fixed in MacOS Catalina 10.15.5 (Deployment-Only)Mac
Multiple vulnerabilities are fixed in macOS Catalina 10.15.5 Combo Update (Deployment-Only)Mac
(RHSA-2020:0892) zsh security update zsh-4.3.11-11.el6_10.i686.rpmLinux
(RHSA-2020:0892) zsh security update zsh-4.3.11-11.el6_10.x86_64.rpmLinux
(RHSA-2020:0892) zsh security update zsh-html-4.3.11-11.el6_10.i686.rpmLinux
(RHSA-2020:0892) zsh security update zsh-html-4.3.11-11.el6_10.x86_64.rpmLinux
(RHSA-2020:0853) zsh security update zsh-5.0.2-34.el7_7.2.x86_64.rpmLinux
(RHSA-2020:0853) zsh security update zsh-html-5.0.2-34.el7_7.2.x86_64.rpmLinux
(RHSA-2020:0903) zsh security update zsh-5.5.1-6.el8_1.2.x86_64.rpmLinux
(RHSA-2020:0903) zsh security update zsh-debugsource-5.5.1-6.el8_1.2.x86_64.rpmLinux
(RHSA-2020:0903) zsh security update zsh-html-5.5.1-6.el8_1.2.noarch.rpmLinux
Zsh update (ELSA-2020-0892) zsh-4.3.11-11.el6_10.x86_64.rpmLinux
Zsh update (ELSA-2020-0892) zsh-4.3.11-11.el6_10.i686.rpmLinux
(CESA-2020:0903) zsh security update zsh-5.5.1-6.el8_1.2.x86_64.rpmLinux
(CESA-2020:0903) zsh security update zsh-html-5.5.1-6.el8_1.2.noarch.rpmLinux
(CESA-2020:0892) zsh security update zsh-4.3.11-11.el6_10.i686.rpmLinux
(CESA-2020:0892) zsh security update zsh-4.3.11-11.el6_10.x86_64.rpmLinux
(CESA-2020:0892) zsh security update zsh-html-4.3.11-11.el6_10.i686.rpmLinux
(CESA-2020:0892) zsh security update zsh-html-4.3.11-11.el6_10.x86_64.rpmLinux
shell with lots of features (USN-5325-1) zsh_5.8-3ubuntu1.1_i386.debLinux
shell with lots of features (USN-5325-1) zsh_5.8-3ubuntu1.1_amd64.debLinux
shell with lots of features (USN-5325-1) zsh_5.8-6ubuntu0.1_i386.debLinux
shell with lots of features (USN-5325-1) zsh_5.8-6ubuntu0.1_amd64.debLinux
shell with lots of features (USN-5325-1) zsh_5.4.2-3ubuntu3.2_i386.debLinux
shell with lots of features (USN-5325-1) zsh_5.4.2-3ubuntu3.2_amd64.debLinux
shell with lots of features (USN-5325-1) zsh-static_5.8-3ubuntu1.1_i386.debLinux
shell with lots of features (USN-5325-1) zsh-static_5.8-3ubuntu1.1_amd64.debLinux
shell with lots of features (USN-5325-1) zsh-static_5.8-6ubuntu0.1_i386.debLinux
shell with lots of features (USN-5325-1) zsh-static_5.8-6ubuntu0.1_amd64.debLinux
shell with lots of features (USN-5325-1) zsh-static_5.4.2-3ubuntu3.2_i386.debLinux
shell with lots of features (USN-5325-1) zsh-static_5.4.2-3ubuntu3.2_amd64.debLinux
SUSE-SU-2022:0733-1(SUSE Linux Enterprise Server 12-SP5 ) zsh-5.0.5-6.19.1.x86_64.rpmLinux
SUSE-SU-2022:0733-1(SUSE Linux Enterprise Server 12-SP5 ) zsh-debuginfo-5.0.5-6.19.1.x86_64.rpmLinux
SUSE-SU-2022:0733-1(SUSE Linux Enterprise Server 12-SP5 ) zsh-debugsource-5.0.5-6.19.1.x86_64.rpmLinux
(RHSA-2020:0853)Important: security update zsh-debuginfo-5.0.2-34.el7_7.2.x86_64.rpmLinux
Zsh update (ELSA-2020-0903) zsh-5.5.1-6.el8_1.2.x86_64.rpmLinux
Zsh-html update (ELSA-2020-0903) zsh-html-5.5.1-6.el8_1.2.noarch.rpmLinux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-602673MacOS Catalina 10.15.7 - Auto Reboot
PATCH-602674macOS Catalina 10.15.7 Combo Update - Auto Reboot
PATCH-602736MacOS Catalina 10.15.5 (Deployment-Only)
PATCH-602738macOS Catalina 10.15.5 Combo Update (Deployment-Only)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234