Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
util-linux vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2016-2779
runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
Kernel Util-linux 2.24.2-1
10 Github repositories
NA
CVE-2015-5218
Buffer overflow in text-utils/colcrt.c in colcrt in util-linux prior to 2.27 allows local users to cause a denial of service (crash) via a crafted file, related to the page global variable.
Kernel Util-linux
Opensuse Opensuse 13.1
Opensuse Project Leap 42.1
Opensuse Opensuse 13.2
NA
CVE-2013-0157
(a) mount and (b) umount in util-linux 2.14.1, 2.17.2, and probably other versions allow local users to determine the existence of restricted directories by (1) using the --guess-fstype command-line option or (2) attempting to mount a non-existent device, which generates differen...
Kernel Util-linux 2.14.1
Kernel Util-linux 2.17.2
NA
CVE-2013-1813
util-linux/mdev.c in BusyBox prior to 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors.
Redhat Enterprise Linux 6.0
T-mobile Tm-ac1900 3.0.0.4.376 3169
Busybox Busybox 0.38
Busybox Busybox 0.46
Busybox Busybox 0.47
Busybox Busybox 0.60.1
Busybox Busybox 0.60.2
Busybox Busybox 0.60.3
Busybox Busybox 1.1.2
Busybox Busybox 1.1.3
Busybox Busybox 1.11.1
Busybox Busybox 1.11.2
Busybox Busybox 1.13.1
Busybox Busybox 1.13.2
Busybox Busybox 1.14.4
Busybox Busybox 1.15.0
Busybox Busybox 1.17.0
Busybox Busybox 1.17.1
Busybox Busybox 1.18.4
Busybox Busybox 1.18.5
Busybox Busybox 1.2.2
Busybox Busybox 1.2.2.1
NA
CVE-2011-0543
Certain legacy functionality in fusermount in fuse 2.8.5 and previous versions, when util-linux does not support the --no-canonicalize option, allows local users to bypass intended access restrictions and unmount arbitrary directories via a symlink attack.
Fuse Fuse 2.4.2
Fuse Fuse 2.6.0
Fuse Fuse 2.4.1
Fuse Fuse 2.2
Fuse Fuse 2.6.5
Fuse Fuse 2.7.0
Fuse Fuse 2.7.4
Fuse Fuse 2.3.0
Fuse Fuse 2.4.0
Fuse Fuse 2.6.3
Fuse Fuse 2.5.3
Fuse Fuse 2.3
Fuse Fuse 2.0
Fuse Fuse 2.8.1
Fuse Fuse 2.2.1
Fuse Fuse 2.5.1
Fuse Fuse 2.7.1
Fuse Fuse 2.8.2
Fuse Fuse 2.7.2
Fuse Fuse 2.1
Fuse Fuse 2.8.0
Fuse Fuse 2.5.2
NA
CVE-2011-1677
mount in util-linux 2.19 and previous versions does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors.
Linux Util-linux
Linux Util-linux 2.13
Linux Util-linux 2.12
Linux Util-linux 2.2
Linux Util-linux 2.16
Linux Util-linux 2.15
Linux Util-linux 2.9
Linux Util-linux 2.8
Linux Util-linux 2.14
Linux Util-linux 2.7
Linux Util-linux 2.5
Linux Util-linux 2.18
Linux Util-linux 2.17
Linux Util-linux 2.11
Linux Util-linux 2.10
NA
CVE-2011-1675
mount in util-linux 2.19 and previous versions attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a relate...
Linux Util-linux 2.15
Linux Util-linux 2.14
Linux Util-linux 2.9
Linux Util-linux 2.8
Linux Util-linux
Linux Util-linux 2.18
Linux Util-linux 2.12
Linux Util-linux 2.2
Linux Util-linux 2.17
Linux Util-linux 2.16
Linux Util-linux 2.11
Linux Util-linux 2.10
Linux Util-linux 2.13
Linux Util-linux 2.7
Linux Util-linux 2.5
NA
CVE-2011-1676
mount in util-linux 2.19 and previous versions does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations.
Linux Util-linux
Linux Util-linux 2.18
Linux Util-linux 2.12
Linux Util-linux 2.11
Linux Util-linux 2.13
Linux Util-linux 2.5
Linux Util-linux 2.2
Linux Util-linux 2.17
Linux Util-linux 2.16
Linux Util-linux 2.10
Linux Util-linux 2.9
Linux Util-linux 2.15
Linux Util-linux 2.14
Linux Util-linux 2.8
Linux Util-linux 2.7
NA
CVE-2010-3879
FUSE, possibly 2.8.5 and previous versions, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem, a different vulnerability than CVE-2010-07...
Libfuse Project Libfuse
1 EDB exploit
NA
CVE-2008-1926
Argument injection vulnerability in login (login-utils/login.c) in util-linux-ng 2.14 and previous versions makes it easier for remote malicious users to hide activities by modifying portions of log events, as demonstrated by appending an "addr=" statement to the login ...
Linux Util-linux 2.13.0.1
Linux Util-linux 2.13
Linux Util-linux 2.13.1
Linux Util-linux 2.13.1.1
Linux Util-linux 2.14
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »