Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
util-linux vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-26821
In the Linux kernel, the following vulnerability has been resolved: fs: relax mount_setattr() permission checks When we added mount_setattr() I added additional checks compared to the legacy do_reconfigure_mnt() and do_change_type() helpers used by regular mount(2). If that mount...
10
CVSSv3
CVE-2024-3094
Malicious code exists in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific fun...
Tukaani Xz 5.6.1
Tukaani Xz 5.6.0
75 Github repositories
6 Articles
NA
CVE-2024-28085
wall in util-linux up to and including 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are n...
1 Github repository
1 Article
6.7
CVSSv3
CVE-2020-21583
An issue exists in hwclock.13-v2.27 allows malicious users to gain escalated privlidges or execute arbitrary commands via the path parameter when setting the date.
Kernel Util-linux
5.5
CVSSv3
CVE-2021-3995
A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows an unprivileged local malicious user to unmount FUSE filesystems that belong to certain other users who have a UID that is...
Kernel Util-linux
Fedoraproject Fedora 35
1 Github repository
5.5
CVSSv3
CVE-2021-3996
A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users' filesystems that are either world-writable themselves (li...
Kernel Util-linux
Fedoraproject Fedora 35
1 Github repository
5.5
CVSSv3
CVE-2022-0563
A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error mes...
Kernel Util-linux
Netapp Ontap Select Deploy Administration Utility -
1 Github repository
5.5
CVSSv3
CVE-2021-37600
An integer overflow in util-linux up to and including 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, an...
Kernel Util-linux
Netapp Ontap Select Deploy Administration Utility -
7.8
CVSSv3
CVE-2018-7738
In util-linux prior to 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount...
Kernel Util-linux
9.8
CVSSv3
CVE-2015-5224
The mkostemp function in login-utils in util-linux when used incorrectly allows remote malicious users to cause file name collision and possibly other attacks.
Kernel Util-linux
Kernel Util-linux 2.27
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »