Product:

Util\-Linux

(Kernel)
Date ID Summary Products Score Patch
2017-04-11 CVE-2016-5011 The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset. Power_hardware_management_console, Powerkvm, Util\-Linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation N/A
2017-08-23 CVE-2015-5224 The mkostemp function in login-utils in util-linux when used incorrectly allows remote attackers to cause file name collision and possibly other attacks. Util\-Linux N/A
2018-03-07 CVE-2018-7738 In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion. Util\-Linux 7.8
2017-02-07 CVE-2016-2779 runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer. Util\-Linux 7.8
2015-11-09 CVE-2015-5218 Buffer overflow in text-utils/colcrt.c in colcrt in util-linux before 2.27 allows local users to cause a denial of service (crash) via a crafted file, related to the page global variable. Util\-Linux, Opensuse, Leap N/A
2017-03-31 CVE-2014-9114 Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code. Fedora, Util\-Linux, Opensuse 7.8
2014-01-21 CVE-2013-0157 (a) mount and (b) umount in util-linux 2.14.1, 2.17.2, and probably other versions allow local users to determine the existence of restricted directories by (1) using the --guess-fstype command-line option or (2) attempting to mount a non-existent device, which generates different error messages depending on whether the directory exists. Util\-Linux N/A