Security: "Bug in Bash shell creates big security hole"

Via Ars Technica:

> Because of its wide distribution, the vulnerability could be as wide-ranging and as potentially dangerous as the Heartbleed bug. The vulnerability affects versions 1.14 through 4.3 of GNU Bash. Patches have been issued by many of the major Linux distribution vendors for affected versions, including:

Red Hat Enterprise Linux (versions 4 through 7) and the Fedora distribution

CentOS (versions 5 through 7)

Ubuntu 10.04 LTS, 12.04 LTS, and 14.04 LTS


There is an easy test to determine if a Linux or Unix system is vulnerable. To check your system, from a command line, type:

$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

If the system is vulnerable, the output will be:

vulnerable this is a test

Patch those servers, everyone!

4 Replies

followup – CVE-2014-7169

If you're an Ubuntu user then you've been busy there were 14 USNs in 2 days!

Was a bit of a pain in the ass trying to figure out how to get the right bash update for Squeeze but someone pointed me to it.

Keep figuring – there are more CVEs every day. ;-)


Please enter an answer

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct