Low severity3.7NVD Advisory· Published Apr 3, 2026· Updated May 1, 2026
CVE-2026-3184
CVE-2026-3184
Description
A flaw was found in util-linux. Improper hostname canonicalization in the login(1) utility, when invoked with the -h option, can modify the supplied remote hostname before setting PAM_RHOST. A remote attacker could exploit this by providing a specially crafted hostname, potentially bypassing host-based Pluggable Authentication Modules (PAM) access control rules that rely on fully qualified domain names. This could lead to unauthorized access.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
37cpe:2.3:a:kernel:util-linux:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:kernel:util-linux:-:*:*:*:*:*:*:*
- (no CPE)
- cpe:2.3:a:redhat:hardened_images:-:*:*:*:*:*:*:*
- osv-coords34 versionspkg:rpm/opensuse/python3-libmount&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/python-libmount&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/python-libmount&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/util-linux&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/util-linux&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/util-linux&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/util-linux-systemd&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/util-linux-systemd&distro=openSUSE%20Leap%2016.0pkg:rpm/suse/python-libmount&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/python-libmount&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/python-libmount&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/util-linux&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/util-linux&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/util-linux&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/util-linux&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/util-linux&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/util-linux&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/util-linux&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/util-linux&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/util-linux&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/util-linux&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/util-linux&distro=SUSE%20Linux%20Micro%206.2pkg:rpm/suse/util-linux-systemd&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/util-linux-systemd&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/util-linux-systemd&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/util-linux-systemd&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/util-linux-systemd&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/util-linux-systemd&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP7pkg:rpm/suse/util-linux-systemd&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/util-linux-systemd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/util-linux-systemd&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/util-linux-systemd&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/util-linux-systemd&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/util-linux-systemd&distro=SUSE%20Linux%20Micro%206.2
< 2.37.4-150500.9.23.1+ 33 more
- (no CPE)range: < 2.37.4-150500.9.23.1
- (no CPE)range: < 2.39.3-150600.4.18.1
- (no CPE)range: < 2.41.1-160000.3.1
- (no CPE)range: < 2.39.3-150600.4.18.1
- (no CPE)range: < 2.41.1-160000.3.1
- (no CPE)range: < 2.41.3-4.1
- (no CPE)range: < 2.39.3-150600.4.18.1
- (no CPE)range: < 2.41.1-160000.3.1
- (no CPE)range: < 2.41.1-160000.3.1
- (no CPE)range: < 2.41.1-160000.3.1
- (no CPE)range: < 2.33.2-4.51.2
- (no CPE)range: < 2.36.2-150300.4.53.1
- (no CPE)range: < 2.37.2-150400.8.41.1
- (no CPE)range: < 2.37.2-150400.8.41.1
- (no CPE)range: < 2.37.4-150500.9.23.1
- (no CPE)range: < 2.40.4-150700.4.10.1
- (no CPE)range: < 2.41.1-160000.3.1
- (no CPE)range: < 2.41.1-160000.3.1
- (no CPE)range: < 2.33.2-4.51.1
- (no CPE)range: < 2.39.3-5.1
- (no CPE)range: < 2.40.4-slfo.1.1_4.1
- (no CPE)range: < 2.41.1-160000.3.1
- (no CPE)range: < 2.36.2-150300.4.53.1
- (no CPE)range: < 2.37.2-150400.8.41.1
- (no CPE)range: < 2.37.2-150400.8.41.1
- (no CPE)range: < 2.37.4-150500.9.23.1
- (no CPE)range: < 2.40.4-150700.4.10.1
- (no CPE)range: < 2.40.4-150700.4.10.1
- (no CPE)range: < 2.41.1-160000.3.1
- (no CPE)range: < 2.41.1-160000.3.1
- (no CPE)range: < 2.33.2-4.51.1
- (no CPE)range: < 2.39.3-5.1
- (no CPE)range: < 2.40.4-slfo.1.1_4.1
- (no CPE)range: < 2.41.1-160000.3.1
Patches
Vulnerability mechanics
References
3- access.redhat.com/errata/RHSA-2026:7180nvdThird Party Advisory
- access.redhat.com/security/cve/CVE-2026-3184nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.