VYPR

rpm package

suse/util-linux-systemd&distro=SUSE Linux Enterprise Micro 5.5

pkg:rpm/suse/util-linux-systemd&distro=SUSE%20Linux%20Enterprise%20Micro%205.5

Vulnerabilities (3)

  • CVE-2026-3184LowApr 3, 2026
    affected < 2.37.4-150500.9.23.1fixed 2.37.4-150500.9.23.1

    A flaw was found in util-linux. Improper hostname canonicalization in the `login(1)` utility, when invoked with the `-h` option, can modify the supplied remote hostname before setting `PAM_RHOST`. A remote attacker could exploit this by providing a specially crafted hostname, pot

  • CVE-2025-14104MedDec 5, 2025
    affected < 2.37.4-150500.9.20.1fixed 2.37.4-150500.9.20.1

    A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.

  • CVE-2024-28085LowMar 27, 2024
    affected < 2.37.4-150500.9.6.1fixed 2.37.4-150500.9.6.1

    wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) Ther