CVE-2016-9401

Published: Jan 23, 2017
Updated: Apr 13, 2023
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2016-9401" target="_blank" rel="noopener"> CVE-2016-9401
Severity: Medium
Exploit:

popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.

CVSS v3:

CVSS v2:

CWEs:

Software	From	Fixed in
gnu / bash	-	4.4
gnu / bash	4.4-patch2	4.4-patch2.x
gnu / bash	4.4-patch3	4.4-patch3.x
gnu / bash	4.4-patch4	4.4-patch4.x
gnu / bash	4.4-patch5	4.4-patch5.x
gnu / bash	4.4-patch1	4.4-patch1.x
debian / debian_linux	8.0	8.0.x
redhat / enterprise_linux_desktop	7.0	7.0.x
redhat / enterprise_linux_workstation	7.0	7.0.x
redhat / enterprise_linux_server	7.0	7.0.x
redhat / enterprise_linux_desktop	6.0	6.0.x
redhat / enterprise_linux_server	6.0	6.0.x
redhat / enterprise_linux_workstation	6.0	6.0.x
redhat / enterprise_linux_server_aus	7.4	7.4.x
redhat / enterprise_linux_server_eus	7.4	7.4.x
redhat / enterprise_linux_server_eus	7.5	7.5.x
redhat / enterprise_linux_server_tus	7.6	7.6.x
redhat / enterprise_linux_server_eus	7.6	7.6.x
redhat / enterprise_linux_server_aus	7.6	7.6.x
redhat / enterprise_linux_server_eus	7.7	7.7.x
redhat / enterprise_linux_server_aus	7.7	7.7.x
redhat / enterprise_linux_server_tus	7.7	7.7.x