Red Hat Bugzilla – Bug 840091
CVE-2012-3410 bash: Stack-based buffer overflow (crash) when expanding /dev/fd file names
Last modified: 2016-03-04 07:01:22 EST
A stack-based buffer overflow flaw was found in the way bash, the GNU Bourne Again shell, expanded certain /dev/fd file names when checking file names ('test' command) and evaluating /dev/fd file names in conditinal command expressions. A remote attacker could provide a specially-crafted Bash script that, when executed, would cause the bash executable to crash.
This issue affects the versions of the bash package, as shipped with Red Hat Enterprise Linux 5 and 6.
This issue did NOT affect the versions of the bash package, as shipped with Fedora release of 16 and 17, as they got already corrected.
Red Hat does not consider this do be a security issue. The affected code is present in Red Hat Enterprise Linux 5 and 6, but due to use of FORTIFY_SOURCE protections the impact would be limited to a crash. Therefore, there are no plans to correct this issue in Red Hat Enterprise Linux 5 and 6.