CVE-2017-18205

Synopsis Moderate: zsh security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for zsh is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score ...

Several security issues were fixed in Zsh ...

NULL dereference in cd in sh compatibility mode under given circumstancesIn builtinc in zsh before 54, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set (CVE-2017-18205) Null-pointer deref when using ${(PA)} on an empty array result:In substc in zsh ...

A buffer overflow flaw was found in the zsh shell symbolic link resolver A local, unprivileged user can create a specially crafted directory path which leads to a buffer overflow in the context of the user trying to do a symbolic link resolution in the aforementioned path If the user affected is privileged, this leads to privilege escalation(CVE ...

A NULL pointer dereference flaw was found in the code responsible for the cd builtin command of the zsh package An attacker could use this flaw to cause a denial of service by crashing the user shell ...