CVE-2021-3996

A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users' filesystems that are either world-writable themselves like /tmp or mounted in a...

CVE-2021-3996

A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users' filesystems that are either world-writable themselves like /tmp or mounted in a...

CVE-2021-3995

CVE-2021-3995 is a logic error in util-linux’s libmount that allows an unprivileged local attacker to unmount FUSE filesystems or other users’ world-writable mounts, potentially causing DoS. Affected: util-linux (libmount). Root cause: logic flaw in libmount’s unmount handling. Impact: denial of ...

CVE-2021-3996

A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users' filesystems that are either world-writable themselves like /tmp or mounted in a...

EulerOS Virtualization 2.10.1 : util-linux (EulerOS-SA-2022-2069)

According to the versions of the util-linux package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an...

EulerOS Virtualization 2.10.0 : util-linux (EulerOS-SA-2022-2041)

According to the versions of the util-linux package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an...

Trufflehog - Find Credentials All Over The Place

TruffleHog Find leaked credentials. Join The Slack Have questions? Feedback? Jump in slack and hang out with us https://join.slack.com/t/trufflehog-community/sharedinvite/zt-pw2qbi43-Aa86hkiimstfdKH9UCpPzQ Demo docker run -it -v "$PWD:/pwd" trufflesecurity/trufflehog:latest github...

Huawei EulerOS: Security Advisory for util-linux (EulerOS-SA-2022-2041)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2025-26016

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the Linux kernel, specifically with the btrfs filesystem. On zoned filesystems, data write out is limited by max zone append size, and a large ordered extent is...

udisks2 security and bug fix update

2.9.0-9 - Fix LVM-VDO statistics tests 2023880,2025483 - Fix GError ownership 1999149 2.9.0-8 - CVE-2021-3802: Harden the default mount options for ext filesystems 2004422...

Kubeclarity - Tool For Detection And Management Of Software Bill Of Materials (SBOM) And Vulnerabilities Of Container Images And Filesystems

KubeClarity is a tool for detection and management of Software Bill Of Materials SBOM and vulnerabilities of container images and filesystems. It scans both runtime K8s clusters and CI/CD pipelines for enhanced software supply chain security. SBOM & vulnerability detection challenges Effective...

Huawei EulerOS: Security Advisory for util-linux (EulerOS-SA-2022-1668)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for util-linux (EulerOS-SA-2022-1640)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:1335-1 Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-197102 fixes several issues. The following security issues were fixed: - CVE-2022-1016: Fixed a vulnerability in the nftables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from...

OESA-2022-1593 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A flaw use after free in the Linux kernel FUSE filesystem was found in the way user triggers write. A local user could use this flaw to get some unauthorized access to some data from the FUSE filesystem and as result potentially...

openSUSE 15 Security Update : libeconf, shadow and util-linux (openSUSE-SU-2022:0727-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0727-1 advisory. - A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE...

OESA-2022-1536 util-linux security update

The util-linux package contains a random collection of files that implements some low-level basic linux utilities. Security Fixes: A logical error was found in util-linux's libmount library in a function that allows unprivileged users to unmount FUSE filesystems. Incorrect uid checking allows...

Updated util-linux packages fix security vulnerability

An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic...

Ubuntu: Security Advisory (USN-5279-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible

An incomplete fix was found for the fix of the flaw CVE-2020-1733 ansible insecure temporary directory when running becomeuser from become directive. The provided fix is insufficient to prevent the race condition on systems using ACLs and FUSE filesystems. Ansible Engine 2.7.18, 2.8.12, and 2.9.9...