VYPR

rpm package

suse/util-linux-systemd&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

pkg:rpm/suse/util-linux-systemd&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5

Vulnerabilities (3)

  • CVE-2026-27456MedApr 3, 2026
    affected < 2.33.2-4.54.1fixed 2.33.2-4.54.1

    util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU (Time-of-Check-Time-of-Use) vulnerability has been identified in the SUID binary /usr/bin/mount from util-linux. The mount binary, when setting up loop devices, validates the source file path

  • CVE-2026-3184LowApr 3, 2026
    affected < 2.33.2-4.51.1fixed 2.33.2-4.51.1

    A flaw was found in util-linux. Improper hostname canonicalization in the `login(1)` utility, when invoked with the `-h` option, can modify the supplied remote hostname before setting `PAM_RHOST`. A remote attacker could exploit this by providing a specially crafted hostname, pot

  • CVE-2025-14104MedDec 5, 2025
    affected < 2.33.2-4.48.1fixed 2.33.2-4.48.1

    A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.