CVE-2026-3184

Affects util-linux, specifically the login(1) utility when invoked with -h. The root cause is improper hostname canonicalization, which can modify the supplied remote hostname before setting PAM_RHOST. This weakness can bypass host-based PAM access control rules that rely on fully qualified domai...