VDB

AWS-2014-007

AWS-2014-007 PUBLISHED

2014/9/25 4:00 PM PDT - Update - We have reviewed CVE-2014-6271 and CVE-2014-7169 and have determined that our APIs and backends are not affected, and except as noted below, our services are not affected. These two CVEs affect the standard bash login shell, which is broadly deployed and used on Linux hosts. We recommend customers check all their Linux hosts to verify that they have up to date versions of the bash shell installed. If you are using Amazon Linux, instances of the default Amazon Linux AMI launched after 2014/9/14 @12:30 PDT will have automatically installed these updates. For more information on updating Amazon Linux, please go here https://alas.aws.amazon.com/ALAS-2014-419.html If you use one of the services listed below, please follow the instructions for each service you use to ensure your software is up to date. Amazon Elastic MapReduce (EMR) – https://forums.aws.amazon.com/ann.jspa?annID=2630 AWS Elastic Beanstalk – https://forums.aws.amazon.com/ann.jspa?annID=2629 AWS OpsWorks and AWS CloudFormation customers should update their instance software according to these instructions: Amazon Linux AMI - https://alas.aws.amazon.com/ALAS-2014-419.html Ubuntu Server: …

Timeline

  • Jan 17, 2015 PoC Published
  • Oct 9, 2019 CVE Published
  • May 6, 2026 Distribution Patch
Open in Interactive Console →
$ Console Community · 100/wk Open console ›