CVE-2012-6711

A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the "echo -e" built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process. This occurs because ansicstr() in lib/sh/strtrans.c mishandles u32cconv().
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7 HIGH
LOCAL
HIGH
LOW
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 20%
Affected Products (NVD)
VendorProductVersion
gnubash
4.2 ≤
𝑥
≤ 4.3
redhatenterprise_linux
7.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
bash
bookworm
5.2.15-2
fixed
bullseye
5.1-2+deb11u1
fixed
sid
5.2.32-1
fixed
trixie
5.2.32-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
bash
bionic
not-affected
cosmic
not-affected
disco
not-affected
eoan
not-affected
trusty
not-affected
xenial
not-affected
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
bash
suse enterprise server 12 SP1
4.2-83.6.1
fixed
bash-doc
suse enterprise server 12 SP1
4.2-83.6.1
fixed
libreadline6
suse enterprise server 12 SP1
6.2-83.6.1
fixed
libreadline6-32bit
suse enterprise server 12 SP1
6.2-83.6.1
fixed
readline-doc
suse enterprise server 12 SP1
6.2-83.6.1
fixed
Common Weakness Enumeration
References
http://git.savannah.gnu.org/cgit/bash.git/commit/?h=devel&id=863d31ae775d56b785dc5b0105b6d251515d81d5
http://www.securityfocus.com/bid/108824
https://bugzilla.redhat.com/show_bug.cgi?id=1721071
https://support.f5.com/csp/article/K05122252
https://support.f5.com/csp/article/K05122252?utm_source=f5support&amp%3Butm_medium=RSS
https://usn.ubuntu.com/4180-1/
http://git.savannah.gnu.org/cgit/bash.git/commit/?h=devel&id=863d31ae775d56b785dc5b0105b6d251515d81d5
http://www.securityfocus.com/bid/108824
https://bugzilla.redhat.com/show_bug.cgi?id=1721071
https://support.f5.com/csp/article/K05122252
https://support.f5.com/csp/article/K05122252?utm_source=f5support&amp%3Butm_medium=RSS
https://usn.ubuntu.com/4180-1/