<p>There is no fixed version for <code>Debian:8</code> <code>bash</code>.</p>

Improper Check for Dropped Privileges Affecting bash package, versions *

Snyk CVSS

Attack Complexity Low

Confidentiality High

Integrity High

Availability High

Threat Intelligence

Exploit Maturity Mature

EPSS 0.11% (44^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk ID SNYK-DEBIAN8-BASH-536279
published 28 Nov 2019
disclosed 28 Nov 2019

Report a new vulnerability Found a mistake?

Introduced: 28 Nov 2019

CVE-2019-18276 Open this link in a new tab CWE-273 Open this link in a new tab

How to fix?

There is no fixed version for Debian:8 bash.

NVD Description

Note: Versions mentioned in the description apply only to the upstream bash package and not the bash package as distributed by Debian. See How to fix? for Debian:8 relevant fixed versions and status.

An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support "saved UID" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use "enable -f" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected.