[Bug 1213743] [NEW] subshell that instantly locks up bash, dash, ksh, tcsh, and zsh
Launchpad Bug Tracker
1213743 at bugs.launchpad.net
Sun Aug 18 23:59:41 UTC 2013
*** This bug is a security vulnerability ***
You have been subscribed to a public security bug:
Type this at a shell prompt in gnome-terminal:
$ (yes&)
y
y
y
y
y
y
...
Denial of service. Shell becomes totally unresponsive. Subshell command
is uninterruptible.
An old one that affects bash, dash, ksh, tcsh, and zsh shells at least
in all versions in Ubuntu and further back in Ubuntu pre-history too.
Please note the issue is not related to
https://wiki.ubuntu.com/SecurityTeam/Policies#Unlimited_Local_Resource_Utilization
$ (yes &)
is not a fork bomb or any other kind of resource overutilization. There is only one subshell and only one subprocess being executed in it.
The issue is with buggy signal handling.
** Affects: bash (Ubuntu)
Importance: Undecided
Status: New
** Affects: tcsh (Ubuntu)
Importance: Undecided
Status: New
--
subshell that instantly locks up bash, dash, ksh, tcsh, and zsh
https://bugs.launchpad.net/bugs/1213743
You received this bug notification because you are a member of Ubuntu Foundations Bugs, which is subscribed to bash in Ubuntu.
More information about the foundations-bugs
mailing list