rpm package
suse/util-linux&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP5
pkg:rpm/suse/util-linux&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-28085 | Low | 3.3 | < 2.33.2-4.36.1 | 2.33.2-4.36.1 | Mar 27, 2024 | wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) Ther | |
| CVE-2021-37600 | — | < 2.33.2-4.11.1 | 2.33.2-4.11.1 | Jul 28, 2021 | An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly i | ||
| CVE-2018-7738 | — | < 2.33.2-4.33.1 | 2.33.2-4.33.1 | Mar 6, 2018 | In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount f |
- affected < 2.33.2-4.36.1fixed 2.33.2-4.36.1
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) Ther
- CVE-2021-37600Jul 28, 2021affected < 2.33.2-4.11.1fixed 2.33.2-4.11.1
An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly i
- CVE-2018-7738Mar 6, 2018affected < 2.33.2-4.33.1fixed 2.33.2-4.33.1
In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount f