CVE-2014-7187

Priority
Medium
Description
Off-by-one error in the read_token_word function in parse.y in GNU Bash
through 4.3 bash43-026 allows remote attackers to cause a denial of service
(out-of-bounds array access and application crash) or possibly have
unspecified other impact via deeply nested for loops, aka the "word_lineno"
issue.
References
Bugs
Package
Source: bash (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):released (4.3-7ubuntu1.4)
More Information

Updated: 2018-06-26 04:56:59 UTC (commit 7799c934cca373482531a7b00e4dfe82302ceae5)