~/products/debian/util-linux

pipeline liveDigest Docs

Debian Util-Linux vulnerabilities

25 known vulnerabilities affecting debian/util-linux.

Total CVEs

25

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

HIGH2MEDIUM7LOW16

Vulnerabilities

Page 2 of 2

CVE-2007-0822LOWCVSS 1.92007

CVE-2007-0822 [LOW] CVE-2007-0822: util-linux - umount, when running with the Linux 2.6.15 kernel on Slackware Linux 10.2, allow... umount, when running with the Linux 2.6.15 kernel on Slackware Linux 10.2, allows local users to trigger a NULL dereference and application crash by invoking the program with a pathname for a USB pen drive that was mounted and then physically removed, which might allow the users to obtain sensitive information, including core file contents. Scope: local bookworm: re

CVE-2007-5191LOWCVSS 7.2fixed in util-linux 2.13-8 (bookworm)2007

CVE-2007-5191 [HIGH] CVE-2007-5191: util-linux - mount and umount in util-linux and loop-aes-utils call the setuid and setgid fun... mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs. Scope: local bookworm: resolved (fixed in 2.13-8) bullseye: resolved (fixed in 2.13-8) forky: resolved (fixed in 2.13-8) sid: resolved (fixed in 2.

CVE-2006-7108LOWCVSS 4.1fixed in util-linux 2.17.2-9 (bookworm)2006

CVE-2006-7108 [MEDIUM] CVE-2006-7108: util-linux - login in util-linux-2.12a skips pam_acct_mgmt and chauth_tok when authentication... login in util-linux-2.12a skips pam_acct_mgmt and chauth_tok when authentication is skipped, such as when a Kerberos krlogin session has been established, which might allow users to bypass intended access policies that would be enforced by pam_acct_mgmt and chauth_tok. Scope: local bookworm: resolved (fixed in 2.17.2-9) bullseye: resolved (fixed in 2.17.2-9) fork

CVE-2005-2876MEDIUMCVSS 7.2fixed in util-linux 2.12p-8 (bookworm)2005

CVE-2005-2876 [HIGH] CVE-2005-2876: util-linux - umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages ... umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r (remount) option, which causes the file system to be remounted with just the read-only flag, which effectively clears the nosuid, nodev, and other flags. Scope: local bookworm: resolved (fi

CVE-2001-1494MEDIUMCVSS 5.5fixed in util-linux 2.11n-1 (bookworm)2001

CVE-2001-1494 [MEDIUM] CVE-2001-1494: util-linux - script command in the util-linux package before 2.11n allows local users to over... script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command. Scope: local bookworm: resolved (fixed in 2.11n-1) bullseye: resolved (fixed in 2.11n-1) forky: resolved (fixed in 2.11n-1) sid: resolved (f

← Previous2 / 2