Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Low: util-linux security and bug fix update

Related Vulnerabilities: CVE-2008-1926   CVE-2008-1926  

Source

Synopsis

Low: util-linux security and bug fix update

Type/Severity

Security Advisory: Low

Topic

An updated util-linux package that fixes one security issue and several
bugs is now available.

This update has been rated as having low security impact by the Red
Hat Security Response Team.

Description

The util-linux package contains a collection of basic system utilities,
such as fdisk and mount.

A log injection attack was found in util-linux when logging log in attempts
via the audit subsystem of the Linux kernel. A remote attacker could use
this flaw to modify certain parts of logged events, possibly hiding their
activities on a system. (CVE-2008-1926)

This updated package also fixes the following bugs:

  • partitions created by VMware ESX™ were not included in the list of
    recognized file systems used by fdisk. Consequently, if VMware ESX was
    installed, "fdisk -l" returned "Unknown" for these partitions. With this
    update, information regarding the VMKcore and VMFS partitions has been
    added to the file systems list. On systems running VMware ESX, "fdisk -l"
    now lists information about these partitions as expected. (BZ#447264)
  • if a username was not set, the login command would fail with a
    Segmentation fault. With this update, login lets the audit system handle
    NULL usernames (it sends an AUDIT_USER_LOGIN message to the audit system in
    the event there is no username set). (BZ#456213)
  • the nfs(5) man page listed version 2 as the default. This is incorrect:
    unless otherwise specified, the NFS client uses NFS version 3. The man page
    has been corrected. (BZ#458539)
  • in certain situations, backgrounded NFS mounts died shortly after being
    backgrounded when the mount command was executed by the initlog command,
    which, for example, would occur when running an init script, such as
    running the "service netfs start" command. In these situations, running the
    "ps -ef" command showed backgrounded NFS mounts disappearing shortly after
    being backgrounded. In this updated package, backgrounded mount processes
    detach from the controlling terminal, which resolves this issue.
    (BZ#461488)
  • if a new partition's starting cylinder was beyond one terabyte, fdisk
    could not create the partition. This has been fixed. (BZ#471372)
  • in rare cases "mount -a" ignored fstab order and tried to re-mount file
    systems on mpath devices. With this update, mount honors fstab order even
    in the rare cases reported. (BZ#472186)
  • the "mount --move" command moved a file system's mount point as expected
    (for example, /proc/mounts showed the changed mount point as expected) but
    did not update /etc/mtab properly. With this update, the "mount --move"
    command gathers all necessary information about the old mount point, copies
    it to the new mount point and then deletes the old point, ensuring
    /etc/mtab is updated properly. (BZ#485004)

Util-linux users are advised to upgrade to this updated package, which
addresses this vulnerability and resolves these issues.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

  • Red Hat Enterprise Linux Server 4 x86_64
  • Red Hat Enterprise Linux Server 4 ia64
  • Red Hat Enterprise Linux Server 4 i386
  • Red Hat Enterprise Linux Workstation 4 x86_64
  • Red Hat Enterprise Linux Workstation 4 ia64
  • Red Hat Enterprise Linux Workstation 4 i386
  • Red Hat Enterprise Linux Desktop 4 x86_64
  • Red Hat Enterprise Linux Desktop 4 i386
  • Red Hat Enterprise Linux for IBM z Systems 4 s390x
  • Red Hat Enterprise Linux for IBM z Systems 4 s390
  • Red Hat Enterprise Linux for Power, big endian 4 ppc

Fixes

  • BZ - 443925 - CVE-2008-1926 util-linux: audit log injection via login
  • BZ - 447264 - RHEL4: VMware fdisk partitions
  • BZ - 456213 - RHEL4: login segfaults on EOF
  • BZ - 456379 - RHEL4: audit log injection attack via login
  • BZ - 458539 - man nfs : wrong information about nfs version used
  • BZ - 461488 - Backgrounded NFS mounts dies soon after "service netfs start" command is issued
  • BZ - 471372 - RHEL4: fdisk cannot create partition with starting beyond 1 TB
  • BZ - 472186 - mount -a has problems with duplicate labels in a mpath setup
  • BZ - 485004 - Move mount doesn't correctly update mtab

CVEs

References

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started