Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-201405-15
HistoryMay 18, 2014 - 12:00 a.m.

util-linux: Multiple vulnerabilities

2014-05-1800:00:00
Gentoo Foundation
security.gentoo.org
10

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

27.3%

JSON

Background

util-linux is a suite of Linux programs including mount and umount, programs used to mount and unmount filesystems.

Description

Multiple vulnerabilities have been discovered in util-linux. Please review the CVE identifiers referenced below for details.

Impact

A local attacker may be able to cause a Denial of Service condition, trigger corruption of /etc/mtab, obtain sensitive information, or have other unspecified impact.

Workaround

There is no known workaround at this time.

Resolution

All util-linux users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=sys-apps/util-linux-2.22.2"
OSVersionArchitecturePackageVersionFilename
Gentooanyallsys-apps/util-linux< 2.22.2UNKNOWN

Related

openvas 14
nessus 15
redhat 5
oraclelinux 3
prion 4
cve 4
debiancve 3
centos 1
ubuntucve 4
veracode 2
securityvulns 2
googleprojectzero 1
openvas
openvas
Gentoo Security Advisory GLSA 201405-15
2015-09-29 00:00:00
RedHat Update for util-linux RHSA-2012:0307-03
2012-02-21 00:00:00
RedHat Update for util-linux-ng RHSA-2011:1691-03
2012-07-09 00:00:00
nessus
nessus
GLSA-201405-15 : util-linux: Multiple vulnerabilities
2014-05-19 00:00:00
RHEL 6 : util-linux-ng (RHSA-2011:1691)
2011-12-06 00:00:00
Scientific Linux Security Update : util-linux-ng on SL6.x i386/x86_64
2012-08-01 00:00:00
redhat
redhat
(RHSA-2011:1691) Low: util-linux-ng security, bug fix, and enhancement update
2011-12-06 00:00:00
(RHSA-2012:0307) Low: util-linux security, bug fix, and enhancement update
2012-02-21 00:00:00
(RHSA-2013:0517) Low: util-linux-ng security, bug fix and enhancement update
2013-02-21 00:00:00
oraclelinux
oraclelinux
util-linux security, bug fix, and enhancement update
2012-03-01 00:00:00
util-linux-ng security, bug fix, and enhancement update
2011-12-14 00:00:00
util-linux-ng security, bug fix and enhancement update
2013-02-22 00:00:00
prion
prion
Code injection
2011-04-10 02:55:00
Design/Logic Flaw
2014-01-21 18:55:00
Memory corruption
2011-04-10 02:55:00
cve
cve
CVE-2013-0157
2014-01-21 18:55:00
CVE-2011-1677
2011-04-10 02:55:00
CVE-2011-1676
2011-04-10 02:55:00
debiancve
debiancve
CVE-2013-0157
2014-01-21 18:55:00
CVE-2011-1677
2011-04-10 02:55:00
CVE-2011-1675
2011-04-10 02:55:00
centos
centos
libblkid, libuuid, util, uuidd security update
2013-02-27 19:39:31
ubuntucve
ubuntucve
CVE-2013-0157
2014-01-21 00:00:00
CVE-2011-1676
2011-04-10 00:00:00
CVE-2011-1677
2011-04-10 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 01:07:10
Privilege Escalation
2020-04-10 01:07:09
securityvulns
securityvulns
util-linux / mount information leakage
2013-05-04 00:00:00
[ MDVSA-2013:154 ] util-linux
2013-05-04 00:00:00
googleprojectzero
googleprojectzero
The poisoned NUL byte, 2014 edition
2014-08-25 00:00:00

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

27.3%

JSON
Related for GLSA-201405-15
openvas14nessus15redhat5oraclelinux3prion4cve4debiancve3centos1ubuntucve4veracode2securityvulns2googleprojectzero1