View Issue Details

IDProjectCategoryView StatusLast Update
0003891Kali Linux[All Projects] General Bugpublic2018-07-27 10:23
Reportermright007Assigned Torhertzog 
PrioritynormalSeverityminorReproducibilityalways
Status resolvedResolutionfixed 
Product Version2016.2 
Target VersionFixed in Version2018.3 
Summary0003891: Arbitrary command execution after tab pressed twice to list "umount" command.
DescriptionCommand in volume name is executed when "umount " command is entered and "tab" button is pressed twice.
Steps To ReproduceFirst, I changed the volume name of my USB drive to "$(date)" using this command below:
# fatlabel /dev/sdb1 "\$(date)"
Second, plug in the USB drive to kali and mount it.

Last step, when you input "umount " and press "tab" twice(for command compeletion), "date" command is executed and result is in the output.
Additional Informationif you replace "date" command with "reboot", kali will shutdown.

Activities

mright007

mright007

2017-02-22 02:32

reporter  

kali_bug.jpg (432,570 bytes)
crash

crash

2017-03-07 09:41

reporter   ~0006471

Hi man!
I tested your bug. Could you meet me at #kali-linux irc channel @freenode?

Thanks.
rhertzog

rhertzog

2018-07-27 10:23

administrator   ~0009392

This has been fixed upstream. https://bugs.debian.org/892179 and CVE-2018-7738 are related to this issue.

util-linux 2.31.1-0.5 and newer have the fix.

Issue History

Date Modified Username Field Change
2017-02-22 02:32 mright007 New Issue
2017-02-22 02:32 mright007 File Added: kali_bug.jpg
2017-03-07 09:41 crash Note Added: 0006471
2017-03-07 13:28 rhertzog Assigned To => rhertzog
2017-03-07 13:28 rhertzog Status new => assigned
2018-06-22 06:19 g0tmi1k Severity major => minor
2018-06-22 06:20 g0tmi1k Priority high => normal
2018-07-27 10:23 rhertzog Status assigned => resolved
2018-07-27 10:23 rhertzog Resolution open => fixed
2018-07-27 10:23 rhertzog Fixed in Version => 2018.3
2018-07-27 10:23 rhertzog Note Added: 0009392