rpm package
suse/util-linux&distro=SUSE Linux Enterprise Micro 5.1
pkg:rpm/suse/util-linux&distro=SUSE%20Linux%20Enterprise%20Micro%205.1
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-28085 | Low | 3.3 | < 2.36.2-150300.4.41.1 | 2.36.2-150300.4.41.1 | Mar 27, 2024 | wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) Ther | |
| CVE-2021-3996 | — | < 2.36.2-150300.4.14.3 | 2.36.2-150300.4.14.3 | Aug 23, 2022 | A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users' filesystems that are either world-writable themselves (like /t | ||
| CVE-2021-3995 | — | < 2.36.2-150300.4.14.3 | 2.36.2-150300.4.14.3 | Aug 23, 2022 | A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows an unprivileged local attacker to unmount FUSE filesystems that belong to certain other users who have a UID that is a pre | ||
| CVE-2021-37600 | — | < 2.36.2-4.5.1 | 2.36.2-4.5.1 | Jul 28, 2021 | An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly i |
- affected < 2.36.2-150300.4.41.1fixed 2.36.2-150300.4.41.1
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) Ther
- CVE-2021-3996Aug 23, 2022affected < 2.36.2-150300.4.14.3fixed 2.36.2-150300.4.14.3
A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users' filesystems that are either world-writable themselves (like /t
- CVE-2021-3995Aug 23, 2022affected < 2.36.2-150300.4.14.3fixed 2.36.2-150300.4.14.3
A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows an unprivileged local attacker to unmount FUSE filesystems that belong to certain other users who have a UID that is a pre
- CVE-2021-37600Jul 28, 2021affected < 2.36.2-4.5.1fixed 2.36.2-4.5.1
An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly i