{
  "document": {
    "aggregate_severity": {
      "text": "Medium"
    },
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "TuxCare License Agreement",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://tuxcare.com/contact/",
      "name": "TuxCare",
      "namespace": "https://tuxcare.com/"
    },
    "references": [
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.tuxcare.com/csaf/v2/els_os/ubuntu16.04els/vex/2018/cve-2018-1071-els_os-ubuntu16_04els.json"
      }
    ],
    "tracking": {
      "current_release_date": "2026-04-24T11:44:11Z",
      "generator": {
        "date": "2026-04-24T11:44:11Z",
        "engine": {
          "name": "pyCSAF"
        }
      },
      "id": "CVE-2018-1071-ELS_OS-UBUNTU16.04ELS",
      "initial_release_date": "2018-03-09T15:29:00Z",
      "revision_history": [
        {
          "date": "2018-03-09T15:29:00Z",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-04-20T15:27:18Z",
          "number": "2",
          "summary": "Official Publication"
        },
        {
          "date": "2026-04-24T11:44:11Z",
          "number": "3",
          "summary": "Update document"
        }
      ],
      "status": "final",
      "version": "3"
    },
    "title": "Security update on CVE-2018-1071"
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Ubuntu 16.04",
                "product": {
                  "name": "Ubuntu 16.04",
                  "product_id": "Ubuntu-16",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Ubuntu"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "zsh-common-0:5.1.1-1ubuntu2.3.all",
                "product": {
                  "name": "zsh-common-0:5.1.1-1ubuntu2.3.all",
                  "product_id": "zsh-common-0:5.1.1-1ubuntu2.3.all",
                  "product_identification_helper": {
                    "purl": "pkg:deb/ubuntu/zsh-common@5.1.1-1ubuntu2.3?arch=all"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "all"
          }
        ],
        "category": "vendor",
        "name": "Canonical Ltd."
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "zsh-common-0:5.1.1-1ubuntu2.3+tuxcare.els1.all",
                "product": {
                  "name": "zsh-common-0:5.1.1-1ubuntu2.3+tuxcare.els1.all",
                  "product_id": "zsh-common-0:5.1.1-1ubuntu2.3+tuxcare.els1.all",
                  "product_identification_helper": {
                    "purl": "pkg:deb/tuxcare/zsh-common@5.1.1-1ubuntu2.3%2Btuxcare.els1?arch=all"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "all"
          }
        ],
        "category": "vendor",
        "name": "TuxCare"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "zsh-common-0:5.1.1-1ubuntu2.3+tuxcare.els1.all as a component of Ubuntu 16.04",
          "product_id": "Ubuntu-16:zsh-common-0:5.1.1-1ubuntu2.3+tuxcare.els1.all"
        },
        "product_reference": "zsh-common-0:5.1.1-1ubuntu2.3+tuxcare.els1.all",
        "relates_to_product_reference": "Ubuntu-16"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "zsh-common-0:5.1.1-1ubuntu2.3.all as a component of Ubuntu 16.04",
          "product_id": "Ubuntu-16:zsh-common-0:5.1.1-1ubuntu2.3.all"
        },
        "product_reference": "zsh-common-0:5.1.1-1ubuntu2.3.all",
        "relates_to_product_reference": "Ubuntu-16"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-1071",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "description",
          "text": "zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd() function. A local attacker could exploit this to cause a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "known_affected": [
          "Ubuntu-16:zsh-common-0:5.1.1-1ubuntu2.3+tuxcare.els1.all",
          "Ubuntu-16:zsh-common-0:5.1.1-1ubuntu2.3.all"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://cve.tuxcare.com/els/cve/CVE-2018-1071"
        },
        {
          "category": "external",
          "summary": "http://www.securityfocus.com/bid/103359",
          "url": "http://www.securityfocus.com/bid/103359"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/errata/RHSA-2018:3073",
          "url": "https://access.redhat.com/errata/RHSA-2018:3073"
        },
        {
          "category": "external",
          "summary": "https://bugzilla.redhat.com/show_bug.cgi?id=1553531",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553531"
        },
        {
          "category": "external",
          "summary": "https://lists.debian.org/debian-lts-announce/2018/03/msg00038.html",
          "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00038.html"
        },
        {
          "category": "external",
          "summary": "https://lists.debian.org/debian-lts-announce/2020/12/msg00000.html",
          "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00000.html"
        },
        {
          "category": "external",
          "summary": "https://security.gentoo.org/glsa/201805-10",
          "url": "https://security.gentoo.org/glsa/201805-10"
        },
        {
          "category": "external",
          "summary": "https://usn.ubuntu.com/3608-1/",
          "url": "https://usn.ubuntu.com/3608-1/"
        }
      ],
      "release_date": "2018-03-09T15:29:00Z",
      "remediations": [
        {
          "category": "no_fix_planned",
          "details": "CVE-2018-1071 is a local-only stack buffer overflow in zsh ≤ 5.4.2 that at worst crashes the zsh process, with no confidentiality or integrity impact and no path to remote compromise or privilege escalation. Exploitation requires an authenticated user actively running the outdated zsh binary; system and service accounts on centrally managed servers/VMs are typically configured with non-interactive shells, keeping this code path out of normal service execution. The flaw was corrected in zsh 5.5 in 2018, so exposure exists only where legacy zsh versions remain in use. On that basis no fix is planned for the zsh-common 5.1.1 packages listed here; they remain affected.",
          "product_ids": [
            "Ubuntu-16:zsh-common-0:5.1.1-1ubuntu2.3+tuxcare.els1.all",
            "Ubuntu-16:zsh-common-0:5.1.1-1ubuntu2.3.all"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Ubuntu-16:zsh-common-0:5.1.1-1ubuntu2.3+tuxcare.els1.all",
            "Ubuntu-16:zsh-common-0:5.1.1-1ubuntu2.3.all"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ]
    }
  ]
}