EUVD-2021-25427
Malware in sbrugna...
CVE-2024-54489
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. Running a mount command may unexpectedly execute arbitrary code...
CVE-2024-28139
The CVE-2024-28139 issue involves the www-data user gaining root privileges because sudo is configured to permit the mount command to run as root without a password. This is a privilege escalation via sudo misconfiguration, not a flaw in a specific application feature. The current narrative acros...
CVE-2024-28139 Privilege escalation through sudo misconfiguration
The www-data user can elevate its privileges because sudo is configured to allow the execution of the mount command as root without a password. Therefore, the privileges can be escalated to the root user. The risk has been accepted by the vendor and won't be fixed in the near future...
PT-2024-36354
Name of the Vulnerable Software and Affected Versions: macOS versions prior to Sequoia 15.2; macOS versions prior to Ventura 13.7.2; macOS versions prior to Sonoma 14.7.2. Description: A path handling issue was addressed with improved validation. Running a mount command may unexpectedly execute...
SUSE CVE-2020-27187
An issue was discovered in KDE Partition Manager 4.1.0 before 4.2.0. The kpmcoreexternalcommand helper contains a logic flaw in which the service invoking D-Bus is not properly checked. An attacker on the local machine can replace /etc/fstab, and execute mount and other partitioning related...
Security Bulletin: Vulnerability in mount affects AIX (CVE-2021-38990)
Summary: There is a vulnerability in the mount command that affects AIX. Vulnerability Details: CVEID: CVE-2021-38990. DESCRIPTION: IBM AIX could allow a non-privileged local user to exploit a vulnerability in the mount command which could lead to code execution. CVSS Base score: 8.4. CVSS Temporal...
CVE-2021-38990
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the mount command which could lead to code execution. IBM X-Force ID: 212952...
Design/Logic Flaw
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the mount command which could lead to code execution. IBM X-Force ID: 212952...
IBM AIX Privilege Permission and Access Control Issue Vulnerability (CNVD-2022-03206)
IBM AIX is an open standards-based UNIX operating system developed by IBM for the IBM Power architecture. IBM AIX has a permission and access control vulnerability caused by an error in the mount command. A local user can execute arbitrary...
CVE-2021-38990
CVE-2021-38990 affects IBM AIX 7.1, 7.2, and VIOS 3.1 where a vulnerability in the mount command can be exploited by a non-privileged local user to achieve code execution. Root cause is related to the mount utility; affected filesets are bos.rte.filesystem (AIX TLs 7.1.5.x, 7.2.4.x, 7.2.5.x) and ...
Vulnerability fixed in IBM AIX
IBM has fixed a vulnerability in AIX. A local malicious party can, through manipulation of the mount command, execute arbitrary code, possibly with elevated privileges up to root privileges. IBM has released updates to fix the vulnerability in AIX v 7.1 and 7.2. For more information, see:...
AIX (IJ35620)
The version of AIX installed on the remote host is prior to APAR IJ35620. It is, therefore, affected by a vulnerability as referenced in the IJ35620 advisory. - IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the mount command which could lead ...
AIX (IJ35826)
The version of AIX installed on the remote host is prior to APAR IJ35826. It is, therefore, affected by a vulnerability as referenced in the IJ35826 advisory. - IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the mount command which could lead ...
There is a vulnerability in the mount command that affects AIX. There is a vulnerability in the mount command that affects VIOS.
IBM SECURITY ADVISORY. First Issued: Thu Jan 6 09:30:39 CST 2022. The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/mountadvisory.asc https://aix.software.ibm.com/aix/efixes/security/mountadvisory.asc...
IBM AIX Privilege Permission and Access Control Issue Vulnerability
IBM AIX is an open standards-based UNIX operating system developed by IBM for the IBM Power architecture. IBM AIX has a permission and access control vulnerability caused by an error in the mount command. A local user can execute arbitrary...
SUSE SLES15 Security Update : podman (SUSE-SU-2020:3378-1)
This update for podman fixes the following issues: Security issue fixed: This release resolves CVE-2020-14370, in which environment variables could be leaked between containers created using the Varlink API bsc1176804. Non-security issues fixed: add dependency to timezone package or podman fai...
CVE-2020-27187
An issue was discovered in KDE Partition Manager 4.1.0 before 4.2.0. The kpmcoreexternalcommand helper contains a logic flaw in which the service invoking D-Bus is not properly checked. An attacker on the local machine can replace /etc/fstab, and execute mount and other partitioning related...