Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kernel util-linux vulnerabilities and exploits
(subscribe to this query)
670
VMScore
CVE-2015-5224
The mkostemp function in login-utils in util-linux when used incorrectly allows remote malicious users to cause file name collision and possibly other attacks.
Kernel Util-linux
Kernel Util-linux 2.27
644
VMScore
CVE-2016-2779
runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
Kernel Util-linux 2.24.2-1
10 Github repositories
643
VMScore
CVE-2018-7738
In util-linux prior to 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount...
Kernel Util-linux
642
VMScore
CVE-2007-5191
mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow malicious users to gain privileges via helpers such as mount.nfs.
Kernel Util-linux
Loop-aes-utils Project Loop-aes-utils -
Fedoraproject Fedora 7
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
Debian Debian Linux 3.1
641
VMScore
CVE-2014-9114
Blkid in util-linux prior to 2.26rc-1 allows local users to execute arbitrary code.
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Kernel Util-linux
188
VMScore
CVE-2015-5218
Buffer overflow in text-utils/colcrt.c in colcrt in util-linux prior to 2.27 allows local users to cause a denial of service (crash) via a crafted file, related to the page global variable.
Kernel Util-linux
Opensuse Opensuse 13.1
Opensuse Project Leap 42.1
Opensuse Opensuse 13.2
187
VMScore
CVE-2013-0157
(a) mount and (b) umount in util-linux 2.14.1, 2.17.2, and probably other versions allow local users to determine the existence of restricted directories by (1) using the --guess-fstype command-line option or (2) attempting to mount a non-existent device, which generates differen...
Kernel Util-linux 2.14.1
Kernel Util-linux 2.17.2
187
VMScore
CVE-2001-1494
script command in the util-linux package prior to 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.
Kernel Util-linux
Avaya Cvlan
Avaya Interactive Response
Avaya Integrated Management Suit
Avaya Intuity Lx
Avaya Message Networking
Avaya Messaging Storage Server
1 Github repository
169
VMScore
CVE-2022-0563
A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error mes...
Kernel Util-linux
Netapp Ontap Select Deploy Administration Utility -
1 Github repository
107
VMScore
CVE-2021-37600
An integer overflow in util-linux up to and including 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, an...
Kernel Util-linux
Netapp Ontap Select Deploy Administration Utility -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »