View Issue Details

IDProjectCategoryView StatusLast Update
0003891Kali Linux[All Projects] General Bugpublic2018-07-27 10:23
Reportermright007Assigned Torhertzog 
PrioritynormalSeverityminorReproducibilityalways
Status resolvedResolutionfixed 
Product Version2016.2 
Target VersionFixed in Version2018.3 
Summary0003891: Arbitrary command execution after tab pressed twice to list "umount" command.
DescriptionCommand in volume name is executed when "umount " command is entered and "tab" button is pressed twice.
Steps To ReproduceFirst, I changed the volume name of my USB drive to "$(date)" using this command below:
# fatlabel /dev/sdb1 "\$(date)"
Second, plug in the USB drive to kali and mount it.

Last step, when you input "umount " and press "tab" twice(for command compeletion), "date" command is executed and result is in the output.
Additional Informationif you replace "date" command with "reboot", kali will shutdown.

Activities

mright007

2017-02-22 02:32

reporter  

kali_bug.jpg (432,570 bytes)

crash

2017-03-07 09:41

reporter   ~0006471

Hi man!
I tested your bug. Could you meet me at #kali-linux irc channel @freenode?

Thanks.

rhertzog

2018-07-27 10:23

administrator   ~0009392

This has been fixed upstream. https://bugs.debian.org/892179 and CVE-2018-7738 are related to this issue.

util-linux 2.31.1-0.5 and newer have the fix.

Issue History

Date Modified Username Field Change
2017-02-22 02:32 mright007 New Issue
2017-02-22 02:32 mright007 File Added: kali_bug.jpg
2017-03-07 09:41 crash Note Added: 0006471
2017-03-07 13:28 rhertzog Assigned To => rhertzog
2017-03-07 13:28 rhertzog Status new => assigned
2018-06-22 06:19 g0tmi1k Severity major => minor
2018-06-22 06:20 g0tmi1k Priority high => normal
2018-07-27 10:23 rhertzog Status assigned => resolved
2018-07-27 10:23 rhertzog Resolution open => fixed
2018-07-27 10:23 rhertzog Fixed in Version => 2018.3
2018-07-27 10:23 rhertzog Note Added: 0009392