RedHatRHSA-2017:0907(RHSA-2017:0907) Moderate: util-linux security and bug fix update
4.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
4.7 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
5.3%
The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program.
Security Fix(es):
- A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. (CVE-2017-2616)
Red Hat would like to thank Tobias StΓΆckmann for reporting this issue.
Bug Fix(es):
- The βfindmnt --target <path>β command prints all file systems where the mount point directory is <path>. Previously, when used in the chroot environment, βfindmnt --target <path>β incorrectly displayed all mount points. The command has been fixed so that it now checks the mount point path and returns information only for the relevant mount point. (BZ#1414481)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | x86_64 | libmount-devel | <Β 2.23.2-33.el7_3.2 | libmount-devel-2.23.2-33.el7_3.2.x86_64.rpm |
| RedHat | 7 | i686 | libuuid-devel | <Β 2.23.2-33.el7_3.2 | libuuid-devel-2.23.2-33.el7_3.2.i686.rpm |
| RedHat | 7 | ppc64 | util-linux-debuginfo | <Β 2.23.2-33.el7_3.2 | util-linux-debuginfo-2.23.2-33.el7_3.2.ppc64.rpm |
| RedHat | 7 | i686 | libmount-devel | <Β 2.23.2-33.el7_3.2 | libmount-devel-2.23.2-33.el7_3.2.i686.rpm |
| RedHat | 7 | s390x | libuuid | <Β 2.23.2-33.el7_3.2 | libuuid-2.23.2-33.el7_3.2.s390x.rpm |
| RedHat | 7 | x86_64 | libblkid-devel | <Β 2.23.2-33.el7_3.2 | libblkid-devel-2.23.2-33.el7_3.2.x86_64.rpm |
| RedHat | 7 | aarch64 | util-linux | <Β 2.23.2-33.el7_3.2 | util-linux-2.23.2-33.el7_3.2.aarch64.rpm |
| RedHat | 7 | s390x | util-linux | <Β 2.23.2-33.el7_3.2 | util-linux-2.23.2-33.el7_3.2.s390x.rpm |
| RedHat | 7 | aarch64 | util-linux-debuginfo | <Β 2.23.2-33.el7_3.2 | util-linux-debuginfo-2.23.2-33.el7_3.2.aarch64.rpm |
| RedHat | 7 | aarch64 | uuidd | <Β 2.23.2-33.el7_3.2 | uuidd-2.23.2-33.el7_3.2.aarch64.rpm |
Related
4.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
4.7 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
5.3%