| Name | TEMP-0841856-B18BAF |
| Description | Privilege escalation possible to other user than root |
| Source | Automatically generated temporary name. Not for external reference. |
| Debian Bugs | 841856 |
Vulnerable and fixed packages
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|
| bash (PTS) | jessie, jessie (lts) | 4.3-11+deb8u2 | vulnerable |
| stretch | 4.4-5 | vulnerable |
| buster | 5.0-4 | vulnerable |
| bullseye | 5.1-2+deb11u1 | vulnerable |
| bookworm | 5.2.15-2 | vulnerable |
| sid, trixie | 5.2.21-2 | vulnerable |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|
| bash | source | (unstable) | (unfixed) | unimportant | | 841856 |
Notes
This is strongly related to the problem described in CVE-2016-7543 and the correction
is very similar.
https://lists.gnu.org/archive/html/bug-bash/2015-12/msg00112.html