VYPR
Unrated severityNVD Advisory· Published Apr 24, 2008· Updated Jun 16, 2026

CVE-2008-1926

CVE-2008-1926

Description

Argument injection vulnerability in login (login-utils/login.c) in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events, as demonstrated by appending an "addr=" statement to the login name, aka "audit log injection."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • Linux/Util Linux5 versions
    cpe:2.3:a:linux:util-linux:2.13:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:linux:util-linux:2.13:*:*:*:*:*:*:*
    • cpe:2.3:a:linux:util-linux:2.13.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:linux:util-linux:2.13.1:*:*:*:*:*:*:*
    • cpe:2.3:a:linux:util-linux:2.13.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:linux:util-linux:2.14:rc1:*:*:*:*:*:*
  • Range: <=2.14

Patches

Vulnerability mechanics

References

14

News mentions

0

No linked articles in our index yet.