CVE-2017-2616

A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions...

SUSE SLED12 / SLES12 Security Update : util-linux (SUSE-SU-2018:2071-1)

This update for util-linux fixes the following issues : The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically...

Security Bulletin: A vulnerability in util-linux affects PowerKVM

Summary PowerKVM is affected by a vulnerability in util=linux. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2017-2616 DESCRIPTION: util-linux could allow a local authenticated attacker to bypass security restrictions, caused by a race condition when handling the...

Security Bulletin: A vulnerability in util-linux affects PowerKVM (CVE-2016-5011)

Summary PowerKVM is affected by a vulnerability in the util-linux package's libblkid library. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2016-5011 DESCRIPTION: Util-linux is vulnerable to a denial of service, caused by an error when parsing Master Boot Record MBR...

Security Bulletin: Multiple security vulnerabilities have been fixed in products bundled with IBM Security Directory Suite 8.0.1

Summary Multiple security vulnerabilities have been fixed in products bundled with IBM Security Directory Suite 8.0.1 Vulnerability Details CVEID: CVE-2015-8778 DESCRIPTION: GNU C Library glibc could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in...

Security Bulletin: IBM Security Network Protection is affected by a vulnerability in coreutils (util-linux)

Summary A security vulnerability has been discovered in coreutils util-linux, which is used by IBM Security Network Protection. Vulnerability Details CVEID: CVE-2017-2616 DESCRIPTION: util-linux could allow a local authenticated attacker to bypass security restrictions, caused by a race condition...

MGASA-2018-0237 Updated util-linux packages fix security vulnerability

A command injection flaw was found in the way util-linux implements umount autocompletion in Bash. An attacker with the ability to mount a filesystem with custom mount points may execute arbitrary commands on behalf of the user who triggers the umount autocompletion CVE-2018-7738...

Critical Photon OS Security Update - PHSA-2018-0037

Updates of 'linux-aws', 'mysql', 'paramiko', 'linux-secure', 'patch', 'python3', 'net-snmp', 'linux-esx', 'binutils', 'linux', 'mercurial', 'pycrypto', 'python2', 'util-linux', 'xerces-c', 'zsh', 'sqlite' packages of Photon OS have been released...

Fedora 27 : util-linux (2018-668664ba84)

Security fix for CVE-2018-7738 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...

Fedora Update for util-linux FEDORA-2018-668664ba84

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 27 Update: util-linux-2.30.2-2.fc27

The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, Util-linux contains the fdisk configuration tool and the login program...

Debian DSA-4134-1 : util-linux - security update

Bjorn Bosselmann discovered that the umount bash completion from util-linux does not properly handle embedded shell commands in a mountpoint name. An attacker with rights to mount filesystems can take advantage of this flaw for privilege escalation if a user in particular root is tricked into usi...

[SECURITY] [DSA 4134-1] util-linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4134-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 10, 2018 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4134-1] util-linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4134-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 10, 2018 https://www.debian.org/security/faq -...

DSA-4134-1 util-linux - security update

Bulletin has no description...

Debian: Security Advisory (DSA-4134-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GLSA-201803-02 : util-linux: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201803-02 util-linux: User-assisted execution of arbitrary code It was discovered that the umount bash-completion as provided by util-linux does not escap mount point paths. Impact : An attacker controlling a volume label could...

CVE-2018-7738

In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command within Bash by a different user, as demonstrated by logging in as root and entering umount followed by a tab...

DEBIAN-CVE-2018-7738

In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command within Bash by a different user, as demonstrated by logging in as root and entering umount followed by a tab...

UBUNTU-CVE-2018-7738

In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command within Bash by a different user, as demonstrated by logging in as root and entering umount followed by a tab...