util-linux: Sending SIGKILL to other processes with root privileges via su

A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions...

util-linux security and bug fix update

2.23.2-33.0.1.el7u3.2 - fix Oracle bug 23001516 - backport lscpu: correct the Virtualization type on Xen DomU PV guest - Reviewed-by: Joe Jin 2.23.2-33.el73.2 fix CVE-2017-2616 - Sending SIGKILL to other processes with root privileges via su 2.23.2-33.el73.1 - fix 1405238 - findmnt --target...

CVE-2016-5011

The parsedosextended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service memory consumption via a crafted MSDOS partition table with an extended partition boot record at zero offset...

CVE-2016-5011

The parsedosextended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service memory consumption via a crafted MSDOS partition table with an extended partition boot record at zero offset...

CVE-2016-5011

CVE-2016-5011 affects the libblkid component of util-linux (partitions/dos.c). The root cause is a vulnerability in parse_dos_extended that allows a crafted MSDOS partition table with an extended partition boot record at offset zero to cause memory consumption leading to a denial of service. The ...

CVE-2014-9114

Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code...

DEBIAN-CVE-2014-9114

Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code...

UBUNTU-CVE-2014-9114

Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code...

CVE-2014-9114

Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code...

Code injection

Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code...

CVE-2014-9114

CVE-2014-9114 affects util-linux Blkid; BlkId in util-linux before 2.26rc-1 allows local users to execute arbitrary code. Affected component is the blkid functionality in util-linux. The provided documents do not specify mitigations or patch versions beyond the vulnerable range; no explicit explo...

CVE-2014-9114

Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code...

CVE-2014-9114

Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code...

CVE-2014-9114

Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code...

openSUSE Security Update : util-linux (openSUSE-2017-305)

This update for util-linux fixes the following issues : This security issue was fixed : - CVE-2017-2616: In su with PAM support it was possible for local users to send SIGKILL to selected other processes with root privileges bsc1023041. This non-security issues were fixed : - lscpu: Implement WSL...

openSUSE Security Update : util-linux (openSUSE-2017-306)

This update for util-linux fixes the following issues : This security issue was fixed : - CVE-2017-2616: In su with PAM support it was possible for local users to send SIGKILL to selected other processes with root privileges bsc1023041. This non-security issues were fixed : - lscpu: Implement WSL...

Updated util-linux packages fix security vulnerability

With the su command from util-linux before 2.29.2, it is possible for any local user to send SIGKILL to other processes with root privileges. To exploit this, the user must be able to perform su with a successful login. SIGKILL can only be sent to processes which were executed after the su proces...

MGASA-2017-0072 Updated util-linux packages fix security vulnerability

With the su command from util-linux before 2.29.2, it is possible for any local user to send SIGKILL to other processes with root privileges. To exploit this, the user must be able to perform su with a successful login. SIGKILL can only be sent to processes which were executed after the su proces...

openSUSE: Security Advisory for util-linux (openSUSE-SU-2017:0589-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE: Security Advisory for util-linux (openSUSE-SU-2017:0590-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...