CVE-2016-9401
See a problem?- Source
- https://nvd.nist.gov/vuln/detail/CVE-2016-9401
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-9401.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2016-9401
- Related
- Published
- 2017-01-23T21:59:02Z
- Modified
- 2024-09-18T02:37:30.628186Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.
- References
-
- http://rhn.redhat.com/errata/RHSA-2017-0725.html
- http://www.securityfocus.com/bid/94398
- https://access.redhat.com/errata/RHSA-2017:1931
- https://security.gentoo.org/glsa/201701-02
- http://www.openwall.com/lists/oss-security/2016/11/17/5
- http://www.openwall.com/lists/oss-security/2016/11/17/9
- https://lists.debian.org/debian-lts-announce/2019/03/msg00028.html
- https://security.alpinelinux.org/vuln/CVE-2016-9401
- https://security-tracker.debian.org/tracker/CVE-2016-9401
Affected packages
Alpine:v3.2 / bash
Package
- Name
- bash
- Purl
- pkg:apk/alpine/bash?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.3.33-r2
Affected versions
4.*
4.0.035-r0
4.1.002-r0
4.1.005-r0
4.1.005-r1
4.1.007-r0
4.1.009-r0
4.1.009-r1
4.2.008-r0
4.2.010-r0
4.2.020-r0
4.2.024-r0
4.2.028-r0
4.2.029-r0
4.2.036-r0
4.2.037-r0
4.2.039-r0
4.2.042-r0
4.2.045-r0
4.2.045-r1
4.3-r1
4.3.011-r1
4.3.011-r2
4.3.018-r2
4.3.025-r0
4.3.025-r1
4.3.026-r1
4.3.27-r0
4.3.28-r0
4.3.29-r0
4.3.30-r0
4.3.33-r0
4.3.33-r1
Alpine:v3.3 / bash
Package
- Name
- bash
- Purl
- pkg:apk/alpine/bash?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.3.42-r5
Affected versions
4.*
4.0.035-r0
4.1.002-r0
4.1.005-r0
4.1.005-r1
4.1.007-r0
4.1.009-r0
4.1.009-r1
4.2.008-r0
4.2.010-r0
4.2.020-r0
4.2.024-r0
4.2.028-r0
4.2.029-r0
4.2.036-r0
4.2.037-r0
4.2.039-r0
4.2.042-r0
4.2.045-r0
4.2.045-r1
4.3-r1
4.3.011-r1
4.3.011-r2
4.3.018-r2
4.3.025-r0
4.3.025-r1
4.3.026-r1
4.3.27-r0
4.3.28-r0
4.3.29-r0
4.3.30-r0
4.3.33-r0
4.3.33-r1
4.3.42-r0
4.3.42-r1
4.3.42-r2
4.3.42-r3
4.3.42-r4
Alpine:v3.4 / bash
Package
- Name
- bash
- Purl
- pkg:apk/alpine/bash?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.3.42-r5
Affected versions
4.*
4.0.035-r0
4.1.002-r0
4.1.005-r0
4.1.005-r1
4.1.007-r0
4.1.009-r0
4.1.009-r1
4.2.008-r0
4.2.010-r0
4.2.020-r0
4.2.024-r0
4.2.028-r0
4.2.029-r0
4.2.036-r0
4.2.037-r0
4.2.039-r0
4.2.042-r0
4.2.045-r0
4.2.045-r1
4.3-r1
4.3.011-r1
4.3.011-r2
4.3.018-r2
4.3.025-r0
4.3.025-r1
4.3.026-r1
4.3.27-r0
4.3.28-r0
4.3.29-r0
4.3.30-r0
4.3.33-r0
4.3.33-r1
4.3.42-r0
4.3.42-r1
4.3.42-r2
4.3.42-r3
4.3.42-r4
Alpine:v3.5 / bash
Package
- Name
- bash
- Purl
- pkg:apk/alpine/bash?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.3.46-r5
Affected versions
4.*
4.0.035-r0
4.1.002-r0
4.1.005-r0
4.1.005-r1
4.1.007-r0
4.1.009-r0
4.1.009-r1
4.2.008-r0
4.2.010-r0
4.2.020-r0
4.2.024-r0
4.2.028-r0
4.2.029-r0
4.2.036-r0
4.2.037-r0
4.2.039-r0
4.2.042-r0
4.2.045-r0
4.2.045-r1
4.3-r1
4.3.011-r1
4.3.011-r2
4.3.018-r2
4.3.025-r0
4.3.025-r1
4.3.026-r1
4.3.27-r0
4.3.28-r0
4.3.29-r0
4.3.30-r0
4.3.33-r0
4.3.33-r1
4.3.42-r0
4.3.42-r1
4.3.42-r2
4.3.42-r3
4.3.46-r3
4.3.46-r4
Debian:11 / bash
Package
- Name
- bash
- Purl
- pkg:deb/debian/bash?arch=source
Debian:12 / bash
Package
- Name
- bash
- Purl
- pkg:deb/debian/bash?arch=source
Debian:13 / bash
Package
- Name
- bash
- Purl
- pkg:deb/debian/bash?arch=source