| Name | CVE-2025-27234 |
|---|---|
| Description | Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. In Zabbix 5.0 this allows for remote code execution. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |

The table below lists information on source packages.

| Source Package | Release | Version | Status |
|---|---|---|---|
| zabbix (PTS) | bullseye | 1:5.0.8+dfsg-1 | vulnerable |
| | bullseye (security) | 1:5.0.46+dfsg-1+deb11u1 | vulnerable |
| | bookworm | 1:6.0.14+dfsg-1 | fixed |
| | forky, sid, trixie | 1:7.0.10+dfsg-2 | fixed |

The information below is based on the following data on fixed versions.

| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| zabbix | source | (unstable) | 1:6.0.7+dfsg-2 | | | |

https://support.zabbix.com/browse/ZBX-26985
This issue is specific to 5.0.0-5.0.46, so as a workaround the first version in unstable from the
6.0.0 series onwards is marked as the fixed version.
Fixed in 5.0.47
Internal issue DEV-4211 (Related to CVE-2025-27233)
Fixed by [1/8]: https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/04f541edac542f12a903f9fb82046c45edf8c357 (5.0.47rc1)
Fixed by [2/8]: https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/b37ba84a92756f3b77dec1f181f8d6ba1e206f57 (5.0.47rc1)
Fixed by [3/8]: https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/752b763bea758c11693b0fd034265729d1867240 (5.0.47rc1)
Fixed by [4/8]: https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/05e0fa369c6ef4ddbddc54c530249b6d67634198 (5.0.47rc1)
Fixed by [5/8]: https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/188490c97e3f72e9fd3836654f0dee5922159929 (5.0.47rc1)
Fixed by [6/8]: https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/a4b2d7f2bc7c32d6753f5cadca9eebacbf0d1b04 (5.0.47rc1)
Fixed by [7/8]: https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/3d471b650f133c43935f7db38cf277122d253a3a (5.0.47rc1)
Fixed by [8/8]: https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/d18935be5fadca6c85ce0a715ce85e757d1dc80b (5.0.47rc1)