rpm package
suse/util-linux&distro=SUSE Linux Enterprise Server for SAP Applications 12
pkg:rpm/suse/util-linux&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-2616 | — | < 2.25-24.10.1 | 2.25-24.10.1 | Jul 27, 2018 | A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. | ||
| CVE-2016-5011 | Med | 4.6 | < 2.25-24.10.1 | 2.25-24.10.1 | Apr 11, 2017 | The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset. | |
| CVE-2014-9114 | Hig | 7.8 | < 2.25-10.1 | 2.25-10.1 | Mar 31, 2017 | Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code. | |
| CVE-2015-5218 | — | < 2.25-24.3.2 | 2.25-24.3.2 | Nov 9, 2015 | Buffer overflow in text-utils/colcrt.c in colcrt in util-linux before 2.27 allows local users to cause a denial of service (crash) via a crafted file, related to the page global variable. |
- CVE-2017-2616Jul 27, 2018affected < 2.25-24.10.1fixed 2.25-24.10.1
A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.
- affected < 2.25-24.10.1fixed 2.25-24.10.1
The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.
- affected < 2.25-10.1fixed 2.25-10.1
Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code.
- CVE-2015-5218Nov 9, 2015affected < 2.25-24.3.2fixed 2.25-24.3.2
Buffer overflow in text-utils/colcrt.c in colcrt in util-linux before 2.27 allows local users to cause a denial of service (crash) via a crafted file, related to the page global variable.