23 matches found
CVE-2026-27456 affecting package util-linux for versions less than 2.40.2-4
CVE-2026-27456 affecting package util-linux for versions less than 2.40.2-4. A patched version of the package is available...
Fedora: Security Advisory (FEDORA-2025-40fe2fec53)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux Distros Unpatched Vulnerability : CVE-2011-1675
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows...
New Linux Bug Could Lead to User Password Leaks and Clipboard Hijacking
Details have emerged about a vulnerability impacting the "wall" command of the util-linux package that could be potentially exploited by a bad actor to leak a user's password or alter the clipboard on certain Linux distributions. The bug, tracked as CVE-2024-28085, has been codenamed WallEscape b...
Huawei EulerOS: Security Advisory for util-linux (EulerOS-SA-2022-2192)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Critical Photon OS Security Update - PHSA-2021-0081
Updates of 'util-linux' packages of Photon OS have been released...
SUSE: Security Advisory (SUSE-SU-2019:0390-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for util-linux (EulerOS-SA-2020-1620)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 4 : util-linux (CESA-2009:0981)
An updated util-linux package that fixes one security issue and several bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The util-linux package contains a collection of basic system utilities, such as fdisk and mount. A log...
Low: Red Hat Bug Fix Advisory: util-linux bug-fix update
An updated util-linux package that fixes multiple bugs is now available. The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, util-linux contains the fdisk configuration tool and the login program. This upda...
CVE-2001-1494
script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command...
RHEL 2.1 : util-linux (RHSA-2004:056)
Updated util-linux packages that fix an information leak in the login program are now available. The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. In some situations, the login program could use a pointer that had been...
RHEL 2.1 : util-linux (RHSA-2002:137)
The util-linux package shipped with Red Hat Linux Advanced Server contains a locally exploitable vulnerability. The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. The 'chfn' utility included in this package allows users...
CVE-2002-0638
setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in...
RAZOR advisory: Linux util-linux chfn local root vulnerability
Linux util-linux chfn local root vulnerability Issue Date: July 29, 2002 Contact: Michal Zalewski CVE: CAN-2002-0638 CERT vulnerability note: http://www.kb.cert.org/vuls/id/405955 the URL should be accessible soon Topic: A locally exploitable vulnerability is present in the util-linux package...
Moderate: Red Hat Security Advisory: : : : Updated util-linux package fixes password locking race
A locally exploitable vulnerability is present in the util-linux package which shipped with Red Hat Linux. Updated 8 July 2003 Added packages for Red Hat Linux on IBM iSeries and pSeries systems. The util-linux package contains a large variety of low-level system utilities that are necessary for ...
util-linux package vulnerable to privilege escalation when "ptmptmp" file is not removed properly when using "chfn" utility
Overview The util-linux package contains a race condition vulnerability that can be used to elevate privileges on the system. Description util-linux is shipped with Red Hat Linux and numerous other Linux distributions. It contains a collection of utility programs, such as fstab, mkfs, and chfn. T...
CVE-2001-1147
The PAM implementation in /bin/login of the util-linux package before 2.11 causes a password entry to be rewritten across multiple PAM calls, which could provide the credentials of one user to a different user, when used in certain PAM modules such as pamlimits...
CVE-2001-1147
CVE-2001-1147 affects util-linux’s /bin/login PAM handling prior to version 2.11, where a static pwent buffer could be rewritten across PAM calls. In non-default configurations (notably with pam_limits), this could leak one user’s credentials to another. The advisories (Mandrake, Red Hat) documen...
CVE-2001-1175
CVE-2001-1175 : In vipw from the util-linux package, before version 2.10, editing /etc/shadow could leave the file world-readable in some cases, enabling local users to more easily perform brute-force password guessing. Supported details in connected docs show Red Hat advisories (RHSA-2001:95, 13...