Privilege escalation

A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from t...

CVE-2022-0563

A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from t...

PT-2022-13263

Name of the Vulnerable Software and Affected Versions util-linux versions prior to 2.37.4 Description A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an INPUTRC environment variable to get a path to the library config file...

CVE-2022-0563

A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from t...

CVE-2022-0563

CVE-2022-0563 affects util-linux chfn/chsh utilities when built with Readline. The Readline library may expose data from the INPUTRC file to unprivileged users, enabling reading of root-owned files and potential privilege escalation. Affected versions are prior to 2.37.4. Remediation noted in mul...

CVE-2022-0563

A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from t...

CVE-2022-0563

A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from t...

Denial Of Service (DoS)

util-linux is vulnerable to denial of service...

[SECURITY] Fedora 35 Update: util-linux-2.37.4-1.fc35

The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, Util-linux contains the fdisk configuration tool and the login program...

Fedora: Security Advisory for util-linux (FEDORA-2022-b7de97d0a9)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

util-linux has unspecified vulnerabilities

util-linux is an open source package. util-linux suffers from a security vulnerability that stems from the partial disclosure of arbitrary files in CHFN and CHSH when Util-linux is compiled with libreadline. No detailed vulnerability details are available...

Slackware Linux 15.0 / current util-linux Vulnerability (SSA:2022-046-02)

The version of util-linux installed on the remote host is prior to 2.37.4. It is, therefore, affected by a vulnerability as referenced in the SSA:2022-046-02 advisory. - A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an...

[slackware-security] util-linux

New util-linux packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/util-linux-2.37.4-i586-1slack15.0.txz: Upgraded. This release fixes a security issue in chsh1 and chfn8: By default, these...

CVE-2022-0563

A flaw was found in the Linux kernel’s util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message...

util-linux 安全漏洞

util-linux is an open source package. util-linux suffers from a security vulnerability that stems from the partial disclosure of arbitrary files in CHFN and CHSH when Util-linux is compiled with libreadline. No detailed vulnerability details are available...

EulerOS Virtualization 3.0.6.0 : util-linux (EulerOS-SA-2022-1102)

According to the versions of the util-linux packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - DISPUTED An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to...

Huawei EulerOS: Security Advisory for util-linux (EulerOS-SA-2022-1152)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for util-linux (EulerOS-SA-2022-1102)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.6.6 : util-linux (EulerOS-SA-2022-1152)

According to the versions of the util-linux packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - DISPUTED An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to...

Ubuntu: Security Advisory (USN-5279-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...