JLSEC-2025-191 A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support

A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from t...

Mandrake Linux Security Advisory : util-linux (MDKSA-2002:047)

Michal Zalewski found a vulnerability in the util-linux package with the chfn utility. This utility allows users to modify some information in the /etc/passwd file, and is installed setuid root. Using a carefully crafted attack sequence, an attacker can exploit a complex file locking and...

RHEL 2.1 : util-linux (RHSA-2002:137)

The util-linux package shipped with Red Hat Linux Advanced Server contains a locally exploitable vulnerability. The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. The 'chfn' utility included in this package allows users...