Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
util-linux vulnerabilities and exploits
(subscribe to this query)
188
VMScore
CVE-2015-5218
Buffer overflow in text-utils/colcrt.c in colcrt in util-linux prior to 2.27 allows local users to cause a denial of service (crash) via a crafted file, related to the page global variable.
Kernel Util-linux
Opensuse Project Leap 42.1
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
187
VMScore
CVE-2013-0157
(a) mount and (b) umount in util-linux 2.14.1, 2.17.2, and probably other versions allow local users to determine the existence of restricted directories by (1) using the --guess-fstype command-line option or (2) attempting to mount a non-existent device, which generates differen...
Kernel Util-linux 2.14.1
Kernel Util-linux 2.17.2
641
VMScore
CVE-2013-1813
util-linux/mdev.c in BusyBox prior to 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors.
Redhat Enterprise Linux 6.0
T-mobile Tm-ac1900 3.0.0.4.376 3169
Busybox Busybox 1.11.0
Busybox Busybox 1.12.0
Busybox Busybox 1.17.1
Busybox Busybox 1.7.0
Busybox Busybox 1.12.2
Busybox Busybox 1.1.3
Busybox Busybox 0.47
Busybox Busybox 0.49
Busybox Busybox 0.43
Busybox Busybox 1.7.1
Busybox Busybox 1.4.1
Busybox Busybox 1.11.3
Busybox Busybox 1.9.2
Busybox Busybox 0.60.3
Busybox Busybox 1.1.0
Busybox Busybox 1.13.4
Busybox Busybox 1.8.2
Busybox Busybox 0.60.1
Busybox Busybox 1.10.0
Busybox Busybox 1.20.0
294
VMScore
CVE-2011-0543
Certain legacy functionality in fusermount in fuse 2.8.5 and previous versions, when util-linux does not support the --no-canonicalize option, allows local users to bypass intended access restrictions and unmount arbitrary directories via a symlink attack.
Fuse Fuse 2.4.2
Fuse Fuse 2.6.0
Fuse Fuse 2.4.1
Fuse Fuse 2.2
Fuse Fuse 2.6.5
Fuse Fuse 2.7.0
Fuse Fuse 2.7.4
Fuse Fuse 2.3.0
Fuse Fuse 2.4.0
Fuse Fuse 2.6.3
Fuse Fuse 2.5.3
Fuse Fuse 2.3
Fuse Fuse 2.0
Fuse Fuse 2.8.1
Fuse Fuse 2.2.1
Fuse Fuse 2.5.1
Fuse Fuse 2.7.1
Fuse Fuse 2.8.2
Fuse Fuse 2.7.2
Fuse Fuse 2.1
Fuse Fuse 2.8.0
Fuse Fuse 2.5.2
294
VMScore
CVE-2011-1676
mount in util-linux 2.19 and previous versions does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations.
Linux Util-linux 2.10
Linux Util-linux 2.5
Linux Util-linux 2.16
Linux Util-linux 2.11
Linux Util-linux 2.12
Linux Util-linux 2.17
Linux Util-linux 2.13
Linux Util-linux 2.14
Linux Util-linux 2.2
Linux Util-linux
Linux Util-linux 2.8
Linux Util-linux 2.18
Linux Util-linux 2.7
Linux Util-linux 2.9
Linux Util-linux 2.15
294
VMScore
CVE-2011-1675
mount in util-linux 2.19 and previous versions attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a relate...
Linux Util-linux 2.10
Linux Util-linux 2.5
Linux Util-linux 2.16
Linux Util-linux 2.11
Linux Util-linux 2.12
Linux Util-linux 2.17
Linux Util-linux 2.13
Linux Util-linux 2.14
Linux Util-linux 2.2
Linux Util-linux
Linux Util-linux 2.8
Linux Util-linux 2.18
Linux Util-linux 2.7
Linux Util-linux 2.9
Linux Util-linux 2.15
409
VMScore
CVE-2011-1677
mount in util-linux 2.19 and previous versions does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors.
Linux Util-linux 2.10
Linux Util-linux 2.5
Linux Util-linux 2.16
Linux Util-linux 2.11
Linux Util-linux 2.12
Linux Util-linux 2.17
Linux Util-linux 2.13
Linux Util-linux 2.14
Linux Util-linux 2.2
Linux Util-linux
Linux Util-linux 2.8
Linux Util-linux 2.18
Linux Util-linux 2.7
Linux Util-linux 2.9
Linux Util-linux 2.15
585
VMScore
CVE-2010-3879
FUSE, possibly 2.8.5 and previous versions, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem, a different vulnerability than CVE-2010-07...
Libfuse Project Libfuse
1 EDB exploit
668
VMScore
CVE-2008-1926
Argument injection vulnerability in login (login-utils/login.c) in util-linux-ng 2.14 and previous versions makes it easier for remote malicious users to hide activities by modifying portions of log events, as demonstrated by appending an "addr=" statement to the login ...
Linux Util-linux 2.13.0.1
Linux Util-linux 2.13
Linux Util-linux 2.13.1
Linux Util-linux 2.13.1.1
Linux Util-linux 2.14
642
VMScore
CVE-2007-5191
mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow malicious users to gain privileges via helpers such as mount.nfs.
Kernel Util-linux
Loop-aes-utils Project Loop-aes-utils -
Fedoraproject Fedora 7
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
Debian Debian Linux 3.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »