URL: <https://savannah.gnu.org/bugs/?68392>
Summary: bash-5.3 - UAF leading to arbitrary command
execution in restricted mode
Group: The GNU Bourne-Again SHell
Submitter: None
Submitted: Fri 22 May 2026 06:52:27 PM UTC
Category: None
Severity: 3 - Normal
Priority: 5 - Normal
Item Group: None
Status: None
Privacy: Private
Assigned to: None
Open/Closed: Open
Discussion Lock: Unlocked
_______________________________________________________
Follow-up Comments:
-------------------------------------------------------
Date: Fri 22 May 2026 06:52:27 PM UTC By: Anonymous
Hi,
I found a UAF in bash 5.3. I'm able to successfully exploit it to execute
arbitrary commands and bypass restricted mode with invalid PATH in a
non-writable working directory.
You can e-mail me at [email protected] for details.
If needed, my GPG key is at https://keybase.io/pgregoire
Philippe Grégoire
_______________________________________________________
Reply to this item at:
<https://savannah.gnu.org/bugs/?68392>
_______________________________________________
Message sent via Savannah
https://savannah.gnu.org/
signature.asc
Description: PGP signature
