A vulnerability in zsh could allow a local attacker to execute a program without proper authorization on a targeted system.
The vulnerability exists because the affected software improperly truncates shebang (#!) lines that exceed 64 characters. An attacker could exploit this vulnerability by accessing the shell and submitting a shebang line longer than 64 characters to a targeted system. A successful exploit could cause the software to make an execve() call to a program name that is a substring of the intended one, which could allow the attacker to execute a program without proper authorization on the system.
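To find scripts exposed to this truncation, the following added example (not code from the advisory or from zsh) audits a directory tree for shebang lines longer than 64 characters and reports which program name would remain after the cut. It assumes the 64-character count includes the leading `#!` and that truncation keeps the first 64 characters; the function names and sample scripts are constructed for illustration.

```python
import os
import tempfile

SHEBANG_LIMIT = 64  # limit from the advisory; assumed to count the leading "#!"

def inspect_shebang(first_line, limit=SHEBANG_LIMIT):
    """Compare the interpreter named on a shebang line with the one left
    after the line is cut to `limit` bytes. Returns None if not a shebang."""
    line = first_line.rstrip(b"\r\n")
    if not line.startswith(b"#!"):
        return None
    def program(raw):
        words = raw[2:].split()          # drop "#!", then split off arguments
        return words[0].decode(errors="replace") if words else ""
    intended, truncated = program(line), program(line[:limit])
    return {"length": len(line), "over_limit": len(line) > limit,
            "intended": intended, "truncated": truncated,
            "program_changes": intended != truncated}

def audit_tree(root):
    """Return (path, info) for every regular file whose shebang exceeds the limit."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            path = os.path.join(dirpath, name)
            if not os.path.isfile(path):
                continue
            try:
                with open(path, "rb") as fh:
                    info = inspect_shebang(fh.readline(4096))
            except OSError:
                continue                 # unreadable file: skip, do not abort the audit
            if info and info["over_limit"]:
                findings.append((path, info))
    return findings

def demo():
    """Run the audit over three constructed scripts in a temporary directory."""
    deep = "/opt/" + "a" * 50 + "/venv/bin/python3"   # constructed 72-character path
    samples = {"short.sh": "#!/bin/sh\necho ok\n",
               "long_path.py": "#!" + deep + "\nprint('ok')\n",
               "long_args.sh": "#!/bin/sh -" + "x" * 70 + "\ntrue\n"}
    with tempfile.TemporaryDirectory() as root:
        for name, body in samples.items():
            with open(os.path.join(root, name), "w") as fh:
                fh.write(body)
        return [(os.path.basename(p), i) for p, i in audit_tree(root)]

if __name__ == "__main__":
    for name, info in demo():
        print(name, info)
```

Findings with `program_changes` set are the ones where the cut falls inside the interpreter path itself; the others exceed the limit only in their arguments.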
Proof-of-concept (PoC) code that demonstrates an exploit of this vulnerability is publicly available.
The vendor has confirmed the vulnerability and released software updates.
Security Impact Rating: Low