SUSE CVE-2015-5218

Buffer overflow in text-utils/colcrt.c in colcrt in util-linux before 2.27 allows local users to cause a denial of service crash via a crafted file, related to the page global variable...

SUSE CVE-2015-5224

The mkostemp function in login-utils in util-linux when used incorrectly allows remote attackers to cause file name collision and possibly other attacks...

SUSE CVE-2016-2779

runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer...

SUSE CVE-2016-5011

The parsedosextended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service memory consumption via a crafted MSDOS partition table with an extended partition boot record at zero offset...

SUSE CVE-2017-2616

A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions...

SUSE CVE-2018-7738

In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command within Bash by a different user, as demonstrated by logging in as root and entering umount followed by a tab...

SUSE CVE-2021-3996

A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users' filesystems that are either world-writable themselves like /tmp or mounted in a...

SUSE CVE-2021-37600

An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic...

SUSE CVE-2022-0563

A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from t...

Amazon Linux 2 : libblkid, libblkid-devel, libfdisk (ALAS-2023-1920)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-1920 advisory. DISPUTED An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the...

Low: util-linux

Issue Overview: DISPUTED An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and...

Huawei EulerOS: Security Advisory for util-linux (EulerOS-SA-2023-1302)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.2.2 : util-linux (EulerOS-SA-2023-1302)

According to the versions of the util-linux package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use syste...

util-linux bug fix and enhancement update

An update is available for util-linux. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The util-linux packages contain a large variety of low-level system...

Amazon Linux 2022 : util-linux (ALAS2022-2022-218)

The version of util-linux installed on the remote host is prior to 2.37.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-218 advisory. - A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to...

Amazon Linux 2 : util-linux (ALAS-2022-1901)

The version of util-linux installed on the remote host is prior to 2.30.2-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1901 advisory. A flaw was found in the Linux kernel's util-linux chfn and chsh utilities when compiled with Readline support. The Readline...

Amazon Linux 2 : util-linux (ALAS-2022-1878)

The version of util-linux installed on the remote host is prior to 2.30.2-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1878 advisory. A command injection flaw was found in the way util-linux implements umount autocompletion in Bash. An attacker with the ability...

Medium: util-linux

Issue Overview: A command injection flaw was found in the way util-linux implements umount autocompletion in Bash. An attacker with the ability to mount a filesystem with custom mount points may execute arbitrary commands on behalf of the user who triggers the umount autocompletion. CVE-2018-7738...

Medium: util-linux

Issue Overview: A flaw was found in the Linux kernel's util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error...

util-linux bug fix and enhancement update

An update is available for util-linux. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9...