CVE-2016-9401

Published: 23 January 2017

popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.

Priority

Negligible

CVSS 3 base score: 5.5

Status

Package Release Status
bash
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 20.10 (Groovy Gorilla)
Released (4.4-5ubuntu1)
Ubuntu 20.04 LTS (Focal Fossa)
Released (4.4-5ubuntu1)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (4.4-5ubuntu1)
Ubuntu 16.04 LTS (Xenial Xerus)
Released (4.3-14ubuntu1.2)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (4.3-7ubuntu1.7)
Patches:
Upstream: https://ftp.gnu.org/pub/gnu/bash/bash-4.4-patches/bash44-006