CVE-2021-45444 — HIGH (7.8)

Q: How severe is CVE-2021-45444?

CVE-2021-45444 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-45444?

Check the references section above for vendor advisories and patch information. Affected products include: Zsh Zsh, Fedoraproject Fedora, Debian Debian Linux, Apple Mac Os X, Apple Macos.

Vulnerability Description

In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPT_SUBST expansion.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Zsh	Zsh	< 5.8.1
Fedoraproject	Fedora	34
Debian	Debian Linux	9.0
Apple	Mac Os X	>= 10.15, < 10.15.7
Apple	Macos	>= 11.0, < 11.6.6

References

http://seclists.org/fulldisclosure/2022/May/33Mailing ListThird Party Advisory
http://seclists.org/fulldisclosure/2022/May/35Mailing ListThird Party Advisory
http://seclists.org/fulldisclosure/2022/May/38Mailing ListThird Party Advisory
https://lists.debian.org/debian-lts-announce/2022/02/msg00020.htmlMailing ListThird Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
https://support.apple.com/kb/HT213255Third Party Advisory
https://support.apple.com/kb/HT213256Third Party Advisory
https://support.apple.com/kb/HT213257Third Party Advisory
https://vuln.ryotak.me/advisories/63Third Party Advisory
https://www.debian.org/security/2022/dsa-5078Third Party Advisory
https://zsh.sourceforge.io/releases.htmlRelease NotesThird Party Advisory
http://seclists.org/fulldisclosure/2022/May/33Mailing ListThird Party Advisory
http://seclists.org/fulldisclosure/2022/May/35Mailing ListThird Party Advisory
http://seclists.org/fulldisclosure/2022/May/38Mailing ListThird Party Advisory

FAQ

What is CVE-2021-45444?

CVE-2021-45444 is a vulnerability with a CVSS score of 7.8 (HIGH). In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPT_SUBST expansio...

How severe is CVE-2021-45444?

CVE-2021-45444 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-45444?

Check the references section above for vendor advisories and patch information. Affected products include: Zsh Zsh, Fedoraproject Fedora, Debian Debian Linux, Apple Mac Os X, Apple Macos.