CVE-2016-9401: popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.

medium5.5CVSS 3.1

AVLACLPRLUINSUCNINAH

popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.

25 ranges

Vendor	Product	Version range	Fixed in
debian	bash	< bash 4.4-3 (bookworm)	bash 4.4-3 (bookworm)
debian	debian_linux	—	—
gnu	bash	< 4.4	4.4
gnu	bash	—	—
gnu	bash	>= 0 < 4.4-3	4.4-3
gnu	bash	>= 0 < 4.4-3	4.4-3
gnu	bash	>= 0 < 4.4-3	4.4-3
gnu	bash	>= 0 < 4.4-3	4.4-3
gnu	bash	>= 0 < 4.3-7ubuntu1.7	4.3-7ubuntu1.7
gnu	bash	>= 0 < 4.3-14ubuntu1.2	4.3-14ubuntu1.2
redhat	enterprise_linux_desktop	—	—
redhat	enterprise_linux_desktop	—	—
redhat	enterprise_linux_server	—	—
redhat	enterprise_linux_server	—	—
redhat	enterprise_linux_server_aus	—	—
redhat	enterprise_linux_server_aus	—	—
redhat	enterprise_linux_server_aus	—	—
redhat	enterprise_linux_server_eus	—	—
redhat	enterprise_linux_server_eus	—	—
redhat	enterprise_linux_server_eus	—	—
redhat	enterprise_linux_server_eus	—	—
redhat	enterprise_linux_server_tus	—	—
redhat	enterprise_linux_server_tus	—	—
redhat	enterprise_linux_workstation	—	—
redhat	enterprise_linux_workstation	—	—

nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

osv7.5HIGH