CVE-2016-9401
MEDIUMbash <popd - Use After Free
Title source: llmDescription
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.
References (7)
Scores
CVSS v3
5.5
EPSS
0.0006
EPSS Percentile
18.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Classification
CWE
CWE-416
Status
draft
Affected Products (22)
gnu/bash
< 4.4
gnu/bash
gnu/bash
gnu/bash
gnu/bash
gnu/bash
debian/debian_linux
redhat/enterprise_linux_desktop
redhat/enterprise_linux_desktop
redhat/enterprise_linux_server
redhat/enterprise_linux_server
redhat/enterprise_linux_server_aus
redhat/enterprise_linux_server_aus
redhat/enterprise_linux_server_aus
redhat/enterprise_linux_server_eus
... and 7 more
Timeline
Published
Jan 23, 2017
Tracked Since
Feb 18, 2026