Skip to navigation

Warning message

log in to add comments or rate this document

Resolution for Bash Code Injection Vulnerability via Specially Crafted Environment Variables (CVE-2014-6271) in Red Hat Enterprise Linux

Updated 2014-09-24T14:30:08+00:00

Issue

  • How to avoid impact to a Red Hat Enterprise Linux system from CVE-2014-6271?
  • How to know if a Red Hat Enterprise Linux system is vulnerable to CVE-2014-6271?
  • How to download and upgrade to the latest version of Bash to make sure my system is not vulnerable to CVE-2014-6271?

Environment

  • Red Hat Enterprise Linux 7
  • Red Hat Enterprise Linux 6
  • Red Hat Enterprise Linux 5
  • Red Hat Enterprise Linux 4 (ELS)

Resolution

  • This issue affects all software that uses the Bash shell and parses values of environment variables. This issue is especially dangerous as there are many possible ways Bash can be called by an application. Quite often if an application executes another binary, Bash is invoked to accomplish this. Because of the pervasive use of the Bash shell, this issue is quite serious and should be treated as such.

  • In order to avoid exploitation from CVE-2014-6271, ensure that your system is updated to at least the following versions of Bash.

RHSA-2014:1293

  • Red Hat Enterprise Linux 7 - bash-4.2.45-5.el7_0.2
  • Red Hat Enterprise Linux 6 - bash-4.1.2-15.el6_5.1
  • Red Hat Enterprise Linux 5 - bash-3.2-33.el5.1

RHSA-2014:1294

  • Red Hat Enterprise Linux 4 Extended Lifecycle Support - bash-3.0-27.el4.2
  • Red Hat Enterprise Linux 5.6 Long Life - bash-3.2-24.el5_6.1
  • Red Hat Enterprise Linux 5.9 Extended Update Support - bash-3.2-32.el5_9.2
  • Red Hat Enterprise Linux 6.2 Advanced Update Support - bash-4.1.2-9.el6_2.1
  • Red Hat Enterprise Linux 6.4 Extended Update Support - bash-4.1.2-15.el6_4.1

RHSA-2014:1295

  • SJIS for Red Hat Enterprise Linux 6 - bash-4.1.2-15.el6_5.1.sjis.1

  • SJIS for Red Hat Enterprise Linux 5 - bash-3.2-33.el5_11.1.sjis.1

  • In order to update to the most recent version of the Bash package run the following command:

# yum update bash
  • Specify the package name in order to update to a particular version of Bash. For example, to update a Red Hat Enterprise Linux 6.5 system run:
# yum update bash-4.1.2-15.el6_5.1
  • The only way to fix it is to install updated Bash packages.

  • The safest & simplest thing to do is to perform a system reboot.

  • Carry out the following operation if system cannot be reboot.

/sbin/ldconfig

Root Cause

  • A flaw was found in the bash functionality that evaluates specially formatted environment variables passed to it from another environment.
    An attacker could use this feature to override or bypass restrictions to the environment to execute shell commands before restrictions have been applied. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.

  • For more information about this vulnerability, refer to the following article:
    Bash Code Injection Vulnerability via Specially Crafted Environment Variables (CVE-2014-6271)

Diagnostic Steps

  • To determine if a system is affected by this vulnerability, review the version of Bash:
# rpm -qa bash