CVE-2014-7187

Priority
Description
Off-by-one error in the read_token_word function in parse.y in GNU Bash
through 4.3 bash43-026 allows remote attackers to cause a denial of service
(out-of-bounds array access and application crash) or possibly have
unspecified other impact via deeply nested for loops, aka the "word_lineno"
issue.
References
Bugs
Package
Source: bash (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):released (4.3-7ubuntu1.4)
More Information

Updated: 2018-09-26 07:05:04 UTC (commit 2c85db1cbbe986be0a0659e41e8f961058e5adca)