There is a command injection vulnerability in blkid. It uses cache files
(/dev/.blkid.tab or /run/blkid/blkid.tab) to store the UUID, LABEL, etc.
that it finds on certain devices.
However, it does not strip the " character, so it can be confused into
building variable names that contain embedded shell metacharacters, which it
would usually encode inside the value.
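
A defensive check for scripts that consume blkid's `NAME=value` output, added here as an example (not code from util-linux or from this advisory): a line is accepted only when its name is a plain shell identifier, and the output is never passed to `eval`. The function names and sample lines are constructed for illustration, and the input is assumed to be the one-variable-per-line form printed by `blkid -o export`.

```shell
#!/bin/sh
# Added example: validate NAME=value lines before a script trusts them.
LC_ALL=C; export LC_ALL   # make the [A-Z] style ranges byte-exact

# Succeeds only for names matching [A-Za-z_][A-Za-z0-9_]*
is_safe_name() {
    case $1 in
        ''|[!A-Za-z_]*|*[!A-Za-z0-9_]*) return 1 ;;
    esac
    return 0
}

# Reads NAME=value lines on stdin and prints accepted pairs as
# NAME<TAB>value. Lines with no '=' or with an unsafe name are reported
# on stderr and dropped. Returns non-zero if anything was rejected.
filter_blkid_export() {
    rejected=0
    while IFS= read -r line; do
        [ -n "$line" ] || continue
        name=${line%%=*}     # text before the first '='
        value=${line#*=}     # text after the first '='
        if [ "$name" = "$line" ] || ! is_safe_name "$name"; then
            rejected=$((rejected + 1))
            printf 'rejected: %s\n' "$line" >&2
            continue
        fi
        printf '%s\t%s\n' "$name" "$value"
    done
    [ "$rejected" -eq 0 ]
}

# Constructed sample: four ordinary tags and one whose *name* carries a
# shell metacharacter, the condition this advisory describes.
SAMPLE='DEVNAME=/dev/sdb1
UUID=0f3a9c1e-1111-2222-3333-444455556666
TYPE=ext4
LABEL=data
BAD;NAME=1'

printf '%s\n' "$SAMPLE" | filter_blkid_export ||
    echo 'untrusted variable names present; output must not be evaluated' >&2
```

The accepted pairs can be read back with `while IFS="$(printf '\t')" read -r name value`, which assigns the value as data rather than evaluating it.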
OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
any | any | any | util-linux | < 2.26.1-3 | UNKNOWN |