Information on source package util-linux

Available versions

ReleaseVersion
jessie2.25.2-6
stretch2.29.2-1
stretch (security)2.29.2-1+deb9u1
buster2.32-0.1
sid2.32-0.1

Open issues

BugjessiestretchbustersidDescription
CVE-2016-5011vulnerable (no DSA)fixedfixedfixedThe parse_dos_extended function in partitions/dos.c in the libblkid ...
CVE-2016-2779vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerablerunuser in util-linux allows local users to escape to the parent ...

Open unimportant issues

BugjessiestretchbustersidDescription
TEMP-0786804-C23D2Bvulnerablefixedfixedfixedhwclock(8) SUID privilege escalation
CVE-2017-2616vulnerablefixedfixedfixedSending SIGKILL to other processes with root privileges via su
CVE-2015-5224vulnerablefixedfixedfixedThe mkostemp function in login-utils in util-linux when used ...
CVE-2015-5218vulnerablefixedfixedfixedBuffer overflow in text-utils/colcrt.c in colcrt in util-linux before ...

Resolved issues

BugDescription
CVE-2018-7738In util-linux before 2.32-rc1, bash-completion/umount allows local ...
CVE-2014-9114Blkid in util-linux before 2.26rc-1 allows local users to execute ...
CVE-2013-0157(a) mount and (b) umount in util-linux 2.14.1, 2.17.2, and probably ...
CVE-2011-1677mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ ...
CVE-2011-1675mount in util-linux 2.19 and earlier attempts to append to the ...
CVE-2008-1926Argument injection vulnerability in login (login-utils/login.c) in ...
CVE-2007-5191mount and umount in util-linux and loop-aes-utils call the setuid and ...
CVE-2007-0822umount, when running with the Linux 2.6.15 kernel on Slackware Linux ...
CVE-2006-7108login in util-linux-2.12a skips pam_acct_mgmt and chauth_tok when ...
CVE-2005-2876umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other ...
CVE-2001-1494script command in the util-linux package before 2.11n allows local ...

Security announcements

DSA / DLADescription
DSA-4134-1util-linux - security update
DSA-1450-1util-linux privilege escalation
DSA-1450-1util-linux privilege escalation
DSA-823-1util-linux - privilege escalation
DSA-823-1util-linux - privilege escalation

Search for package or bug name: Reporting problems