{"id":"CVE-2016-7543","details":"Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables.","modified":"2026-04-16T01:44:04.572164887Z","published":"2017-01-19T20:59:00.470Z","related":["SUSE-SU-2016:2872-1","SUSE-SU-2017:0302-1","SUSE-SU-2017:2699-1","SUSE-SU-2017:2700-1","SUSE-SU-2018:1398-1","SUSE-SU-2018:1398-2"],"references":[{"type":"WEB","url":"http://www.securitytracker.com/id/1037812"},{"type":"WEB","url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05388115"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7XOQSHU63Y357NHU5FPTFBM6I3YOCQB/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OU3C756YPHDAAPFX76UGZBAQQQ5UMHS5/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2VRBSIPZDZ75ZQ2DLITHUIDW4W26KVR/"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2016/09/26/9"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/93183"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2017-0725.html"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1931"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201701-02"},{"type":"FIX","url":"https://lists.gnu.org/archive/html/bug-bash/2016-09/msg00018.html"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"4.3"}]},{"events":[{"introduced":"0"},{"last_affected":"23"}]},{"events":[{"introduced":"0"},{"last_affected":"24"}]},{"events":[{"introduced":"0"},{"last_affected":"25"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-7543.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}