Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Linux Subscribe
Filtered by product Util-linux
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-1926 1 Linux 1 Util-linux 2023-02-12 7.5 HIGH N/A
Argument injection vulnerability in login (login-utils/login.c) in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events, as demonstrated by appending an "addr=" statement to the login name, aka "audit log injection."
CVE-2011-1675 1 Linux 1 Util-linux 2018-01-09 3.3 LOW N/A
mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.
CVE-2011-1677 1 Linux 1 Util-linux 2018-01-09 4.6 MEDIUM N/A
mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors.
CVE-2011-1676 1 Linux 1 Util-linux 2017-08-16 3.3 LOW N/A
mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations.