Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled when expanding the /dev/fd prefix.
| Product | Vendor | Version |
|---|---|---|
| n/a | n/a | < 1a0c640ce1cdcde3eb131a0c1e70ca1ed7cf27cb |