FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

dash -- arith: INTMAX_MIN / -1 overflow

Affected packages
dash < 0.5.13.3

Details

VuXML ID ab2258a2-4cea-11f1-aec8-bc241107513d
Discovery 2026-04-13
Entry 2026-05-11

https://git.kernel.org/pub/scm/utils/dash/dash.git/commit/?id=0034bfe185d3d875cebace8cb3ca5c9dabf9e0f3 reports:

Division and remainder currently guard against division by zero, but not against the signed overflow case INTMAX_MIN / -1. On affected systems this can trigger SIGFPE during arithmetic expansion.

[source]

References

CVE Name CVE-2026-31323
URL https://git.kernel.org/pub/scm/utils/dash/dash.git/commit/?id=0034bfe185d3d875cebace8cb3ca5c9dabf9e0f3

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.