A NULL pointer dereference flaw was found in the code responsible for the cd builtin command of the zsh package. An attacker could use this flaw to cause a denial of service by crashing the user shell.
A flaw was found in zsh prior 5.3.1. There is a vulnerability when in sh compatibility mode if HOME was not set
and cd was used with no argument.
(In reply to Laura Pardo from comment #0)
> A flaw was found in zsh prior 5.3.1.
The commit you refer to landed (217 commits) _after_ the 5.3.1 release.
fixed in zsh-5.3.1-7.fc26
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2018:3073 https://access.redhat.com/errata/RHSA-2018:3073