Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
util-linux vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-28085
wall in util-linux up to and including 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are n...
1 Github repository
1 Article
6.7
CVSSv3
CVE-2020-21583
An issue exists in hwclock.13-v2.27 allows malicious users to gain escalated privlidges or execute arbitrary commands via the path parameter when setting the date.
Kernel Util-linux
5.5
CVSSv3
CVE-2021-3995
A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows an unprivileged local malicious user to unmount FUSE filesystems that belong to certain other users who have a UID that is...
Kernel Util-linux
Fedoraproject Fedora 35
1 Github repository
5.5
CVSSv3
CVE-2021-3996
A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users' filesystems that are either world-writable themselves (li...
Kernel Util-linux
Fedoraproject Fedora 35
1 Github repository
5.5
CVSSv3
CVE-2022-0563
A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error mes...
Kernel Util-linux
Netapp Ontap Select Deploy Administration Utility -
1 Github repository
5.5
CVSSv3
CVE-2021-37600
An integer overflow in util-linux up to and including 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, an...
Kernel Util-linux
Netapp Ontap Select Deploy Administration Utility -
7.8
CVSSv3
CVE-2018-7738
In util-linux prior to 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount...
Kernel Util-linux
9.8
CVSSv3
CVE-2015-5224
The mkostemp function in login-utils in util-linux when used incorrectly allows remote malicious users to cause file name collision and possibly other attacks.
Kernel Util-linux
Kernel Util-linux 2.27
7.8
CVSSv3
CVE-2014-9114
Blkid in util-linux prior to 2.26rc-1 allows local users to execute arbitrary code.
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Kernel Util-linux
7.8
CVSSv3
CVE-2016-2779
runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
Kernel Util-linux 2.24.2-1
11 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »