CVE-2016-9401

Опубликовано: 23 янв. 2017

Источник: debian

EPSS Низкий

Описание

popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.

Пакет	Статус	Версия исправления	Релиз	Тип
bash	fixed	4.4-3		package
bash	no-dsa		wheezy	package

Upstream bash considers this issue only to be a bug.
Proposed patch: https://lists.gnu.org/archive/html/bug-bash/2016-11/msg00116.html
Fixed by (4.4): https://ftp.gnu.org/pub/gnu/bash/bash-4.4-patches/bash44-006

EPSS

Процентиль: 6%

0.00025

Низкий

CVE-2016-9401

CVSS3: 5.5

ubuntu

почти 9 лет назад

popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.

CVE-2016-9401

CVSS3: 3.3

redhat

почти 9 лет назад

popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.

CVE-2016-9401

CVSS3: 5.5

nvd

почти 9 лет назад

popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.

openSUSE-SU-2017:1402-1

suse-cvrf

больше 8 лет назад

Security update for bash

SUSE-SU-2017:1337-1

suse-cvrf

больше 8 лет назад

Security update for bash

EPSS

Процентиль: 6%

0.00025

Низкий