Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
14 vulnerabilities found for util-linux by Linux
CVE-2017-2616 (GCVE-0-2017-2616)
Vulnerability from cvelistv5 – Published: 2018-07-27 19:00 – Updated: 2025-06-09 15:37
VLAI?
Summary
A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.
Severity ?
5.5 (Medium)
CWE
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Linux | util-linux |
Affected:
2.32.1
|
Date Public ?
2017-02-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:02:06.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2616"
},
{
"name": "96404",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96404"
},
{
"name": "RHSA-2017:0907",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0907"
},
{
"name": "RHSA-2017:0654",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0654.html"
},
{
"name": "GLSA-201706-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201706-02"
},
{
"name": "DSA-3793",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-3793"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/karelzak/util-linux/commit/dffab154d29a288aa171ff50263ecc8f2e14a891"
},
{
"name": "1038271",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038271"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-2616",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-09T15:37:36.204772Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T15:37:51.878Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "util-linux",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.32.1"
}
]
}
],
"datePublic": "2017-02-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-267",
"description": "CWE-267",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-28T09:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2616"
},
{
"name": "96404",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96404"
},
{
"name": "RHSA-2017:0907",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0907"
},
{
"name": "RHSA-2017:0654",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0654.html"
},
{
"name": "GLSA-201706-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201706-02"
},
{
"name": "DSA-3793",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-3793"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/karelzak/util-linux/commit/dffab154d29a288aa171ff50263ecc8f2e14a891"
},
{
"name": "1038271",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038271"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-2616",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "util-linux",
"version": {
"version_data": [
{
"version_value": "2.32.1"
}
]
}
}
]
},
"vendor_name": "Linux"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "5.5/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-267"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2616",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2616"
},
{
"name": "96404",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96404"
},
{
"name": "RHSA-2017:0907",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:0907"
},
{
"name": "RHSA-2017:0654",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0654.html"
},
{
"name": "GLSA-201706-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201706-02"
},
{
"name": "DSA-3793",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-3793"
},
{
"name": "https://github.com/karelzak/util-linux/commit/dffab154d29a288aa171ff50263ecc8f2e14a891",
"refsource": "CONFIRM",
"url": "https://github.com/karelzak/util-linux/commit/dffab154d29a288aa171ff50263ecc8f2e14a891"
},
{
"name": "1038271",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038271"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-2616",
"datePublished": "2018-07-27T19:00:00.000Z",
"dateReserved": "2016-12-01T00:00:00.000Z",
"dateUpdated": "2025-06-09T15:37:51.878Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1676 (GCVE-0-2011-1676)
Vulnerability from cvelistv5 – Published: 2011-04-10 01:29 – Updated: 2024-08-06 22:37
VLAI?
Summary
mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
Date Public ?
2011-03-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:37:25.553Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"name": "utillinux-mount-sec-bypass(66704)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66704"
},
{
"name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"name": "utillinux-mount-sec-bypass(66704)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66704"
},
{
"name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1676",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=688980",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"name": "utillinux-mount-sec-bypass(66704)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66704"
},
{
"name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-1676",
"datePublished": "2011-04-10T01:29:00.000Z",
"dateReserved": "2011-04-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T22:37:25.553Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1677 (GCVE-0-2011-1677)
Vulnerability from cvelistv5 – Published: 2011-04-10 01:29 – Updated: 2024-08-06 22:37
VLAI?
Summary
mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2011-03-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:37:24.861Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"name": "utillinux-mount-unspecified(66703)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66703"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"name": "48114",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48114"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
},
{
"name": "RHSA-2011:1691",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1691.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-09T17:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"name": "utillinux-mount-unspecified(66703)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66703"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"name": "48114",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48114"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
},
{
"name": "RHSA-2011:1691",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1691.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1677",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"name": "utillinux-mount-unspecified(66703)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66703"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"name": "48114",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48114"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=688980",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
},
{
"name": "RHSA-2011:1691",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1691.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-1677",
"datePublished": "2011-04-10T01:29:00.000Z",
"dateReserved": "2011-04-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T22:37:24.861Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1675 (GCVE-0-2011-1675)
Vulnerability from cvelistv5 – Published: 2011-04-10 01:29 – Updated: 2024-08-06 22:37
VLAI?
Summary
mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2011-03-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:37:25.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"name": "48114",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48114"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"name": "utillinux-mtab-security-bypass(66705)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66705"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
},
{
"name": "RHSA-2011:1691",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1691.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-09T17:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"name": "48114",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48114"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"name": "utillinux-mtab-security-bypass(66705)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66705"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
},
{
"name": "RHSA-2011:1691",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1691.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1675",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"name": "48114",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48114"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=688980",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"name": "utillinux-mtab-security-bypass(66705)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66705"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
},
{
"name": "RHSA-2011:1691",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1691.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-1675",
"datePublished": "2011-04-10T01:29:00.000Z",
"dateReserved": "2011-04-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T22:37:25.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1926 (GCVE-0-2008-1926)
Vulnerability from cvelistv5 – Published: 2008-04-23 17:00 – Updated: 2024-08-07 08:40
VLAI?
Summary
Argument injection vulnerability in login (login-utils/login.c) in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events, as demonstrated by appending an "addr=" statement to the login name, aka "audit log injection."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2008-04-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:40:59.909Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30014",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30014"
},
{
"name": "29982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29982"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=commit%3Bh=8ccf0b253ac0f4f58d64bc9674de18bff5a88782"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0143"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=blobdiff%3Bf=login-utils/login.c%3Bh=230121316d953c59e7842c1325f6e9f326a37608%3Bhp=aad27794327c60391b5148b367d2c79338fc6ee4%3Bhb=8ccf0b253ac0f4f58d64bc9674de18bff5a88782%3Bhpb=3a4a13b12a8065b0b5354686d2807cce421a9973"
},
{
"name": "ADV-2008-1392",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1392/references"
},
{
"name": "utillinuxng-login-data-manipulation(41987)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41987"
},
{
"name": "1022256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022256"
},
{
"name": "MDVSA-2008:114",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:114"
},
{
"name": "20091112 rPSA-2009-0143-1 util-linux util-linux-extras",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/507854/100/0/threaded"
},
{
"name": "28983",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28983"
},
{
"name": "oval:org.mitre.oval:def:9833",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9833"
},
{
"name": "35161",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35161"
},
{
"name": "FEDORA-2008-3419",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00624.html"
},
{
"name": "RHSA-2009:0981",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0981.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Argument injection vulnerability in login (login-utils/login.c) in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events, as demonstrated by appending an \"addr=\" statement to the login name, aka \"audit log injection.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "30014",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30014"
},
{
"name": "29982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29982"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=commit%3Bh=8ccf0b253ac0f4f58d64bc9674de18bff5a88782"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0143"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=blobdiff%3Bf=login-utils/login.c%3Bh=230121316d953c59e7842c1325f6e9f326a37608%3Bhp=aad27794327c60391b5148b367d2c79338fc6ee4%3Bhb=8ccf0b253ac0f4f58d64bc9674de18bff5a88782%3Bhpb=3a4a13b12a8065b0b5354686d2807cce421a9973"
},
{
"name": "ADV-2008-1392",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1392/references"
},
{
"name": "utillinuxng-login-data-manipulation(41987)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41987"
},
{
"name": "1022256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022256"
},
{
"name": "MDVSA-2008:114",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:114"
},
{
"name": "20091112 rPSA-2009-0143-1 util-linux util-linux-extras",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/507854/100/0/threaded"
},
{
"name": "28983",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28983"
},
{
"name": "oval:org.mitre.oval:def:9833",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9833"
},
{
"name": "35161",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35161"
},
{
"name": "FEDORA-2008-3419",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00624.html"
},
{
"name": "RHSA-2009:0981",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0981.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2008-1926",
"datePublished": "2008-04-23T17:00:00.000Z",
"dateReserved": "2008-04-23T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:40:59.909Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2616 (GCVE-0-2017-2616)
Vulnerability from nvd – Published: 2018-07-27 19:00 – Updated: 2025-06-09 15:37
VLAI?
Summary
A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.
Severity ?
5.5 (Medium)
CWE
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Linux | util-linux |
Affected:
2.32.1
|
Date Public ?
2017-02-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:02:06.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2616"
},
{
"name": "96404",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96404"
},
{
"name": "RHSA-2017:0907",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0907"
},
{
"name": "RHSA-2017:0654",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0654.html"
},
{
"name": "GLSA-201706-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201706-02"
},
{
"name": "DSA-3793",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-3793"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/karelzak/util-linux/commit/dffab154d29a288aa171ff50263ecc8f2e14a891"
},
{
"name": "1038271",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038271"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-2616",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-09T15:37:36.204772Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T15:37:51.878Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "util-linux",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.32.1"
}
]
}
],
"datePublic": "2017-02-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-267",
"description": "CWE-267",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-28T09:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2616"
},
{
"name": "96404",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96404"
},
{
"name": "RHSA-2017:0907",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0907"
},
{
"name": "RHSA-2017:0654",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0654.html"
},
{
"name": "GLSA-201706-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201706-02"
},
{
"name": "DSA-3793",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-3793"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/karelzak/util-linux/commit/dffab154d29a288aa171ff50263ecc8f2e14a891"
},
{
"name": "1038271",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038271"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-2616",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "util-linux",
"version": {
"version_data": [
{
"version_value": "2.32.1"
}
]
}
}
]
},
"vendor_name": "Linux"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "5.5/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-267"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2616",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2616"
},
{
"name": "96404",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96404"
},
{
"name": "RHSA-2017:0907",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:0907"
},
{
"name": "RHSA-2017:0654",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0654.html"
},
{
"name": "GLSA-201706-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201706-02"
},
{
"name": "DSA-3793",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-3793"
},
{
"name": "https://github.com/karelzak/util-linux/commit/dffab154d29a288aa171ff50263ecc8f2e14a891",
"refsource": "CONFIRM",
"url": "https://github.com/karelzak/util-linux/commit/dffab154d29a288aa171ff50263ecc8f2e14a891"
},
{
"name": "1038271",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038271"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-2616",
"datePublished": "2018-07-27T19:00:00.000Z",
"dateReserved": "2016-12-01T00:00:00.000Z",
"dateUpdated": "2025-06-09T15:37:51.878Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1676 (GCVE-0-2011-1676)
Vulnerability from nvd – Published: 2011-04-10 01:29 – Updated: 2024-08-06 22:37
VLAI?
Summary
mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2011-03-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:37:25.553Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"name": "utillinux-mount-sec-bypass(66704)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66704"
},
{
"name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"name": "utillinux-mount-sec-bypass(66704)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66704"
},
{
"name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1676",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=688980",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"name": "utillinux-mount-sec-bypass(66704)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66704"
},
{
"name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-1676",
"datePublished": "2011-04-10T01:29:00.000Z",
"dateReserved": "2011-04-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T22:37:25.553Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1677 (GCVE-0-2011-1677)
Vulnerability from nvd – Published: 2011-04-10 01:29 – Updated: 2024-08-06 22:37
VLAI?
Summary
mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2011-03-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:37:24.861Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"name": "utillinux-mount-unspecified(66703)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66703"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"name": "48114",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48114"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
},
{
"name": "RHSA-2011:1691",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1691.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-09T17:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"name": "utillinux-mount-unspecified(66703)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66703"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"name": "48114",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48114"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
},
{
"name": "RHSA-2011:1691",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1691.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1677",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"name": "utillinux-mount-unspecified(66703)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66703"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"name": "48114",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48114"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=688980",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
},
{
"name": "RHSA-2011:1691",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1691.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-1677",
"datePublished": "2011-04-10T01:29:00.000Z",
"dateReserved": "2011-04-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T22:37:24.861Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1675 (GCVE-0-2011-1675)
Vulnerability from nvd – Published: 2011-04-10 01:29 – Updated: 2024-08-06 22:37
VLAI?
Summary
mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2011-03-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:37:25.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"name": "48114",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48114"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"name": "utillinux-mtab-security-bypass(66705)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66705"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
},
{
"name": "RHSA-2011:1691",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1691.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-09T17:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"name": "48114",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48114"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"name": "utillinux-mtab-security-bypass(66705)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66705"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
},
{
"name": "RHSA-2011:1691",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1691.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1675",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"name": "48114",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48114"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=688980",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"name": "utillinux-mtab-security-bypass(66705)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66705"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
},
{
"name": "RHSA-2011:1691",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1691.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-1675",
"datePublished": "2011-04-10T01:29:00.000Z",
"dateReserved": "2011-04-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T22:37:25.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1926 (GCVE-0-2008-1926)
Vulnerability from nvd – Published: 2008-04-23 17:00 – Updated: 2024-08-07 08:40
VLAI?
Summary
Argument injection vulnerability in login (login-utils/login.c) in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events, as demonstrated by appending an "addr=" statement to the login name, aka "audit log injection."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2008-04-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:40:59.909Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30014",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30014"
},
{
"name": "29982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29982"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=commit%3Bh=8ccf0b253ac0f4f58d64bc9674de18bff5a88782"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0143"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=blobdiff%3Bf=login-utils/login.c%3Bh=230121316d953c59e7842c1325f6e9f326a37608%3Bhp=aad27794327c60391b5148b367d2c79338fc6ee4%3Bhb=8ccf0b253ac0f4f58d64bc9674de18bff5a88782%3Bhpb=3a4a13b12a8065b0b5354686d2807cce421a9973"
},
{
"name": "ADV-2008-1392",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1392/references"
},
{
"name": "utillinuxng-login-data-manipulation(41987)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41987"
},
{
"name": "1022256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022256"
},
{
"name": "MDVSA-2008:114",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:114"
},
{
"name": "20091112 rPSA-2009-0143-1 util-linux util-linux-extras",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/507854/100/0/threaded"
},
{
"name": "28983",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28983"
},
{
"name": "oval:org.mitre.oval:def:9833",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9833"
},
{
"name": "35161",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35161"
},
{
"name": "FEDORA-2008-3419",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00624.html"
},
{
"name": "RHSA-2009:0981",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0981.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Argument injection vulnerability in login (login-utils/login.c) in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events, as demonstrated by appending an \"addr=\" statement to the login name, aka \"audit log injection.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "30014",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30014"
},
{
"name": "29982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29982"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=commit%3Bh=8ccf0b253ac0f4f58d64bc9674de18bff5a88782"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0143"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=blobdiff%3Bf=login-utils/login.c%3Bh=230121316d953c59e7842c1325f6e9f326a37608%3Bhp=aad27794327c60391b5148b367d2c79338fc6ee4%3Bhb=8ccf0b253ac0f4f58d64bc9674de18bff5a88782%3Bhpb=3a4a13b12a8065b0b5354686d2807cce421a9973"
},
{
"name": "ADV-2008-1392",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1392/references"
},
{
"name": "utillinuxng-login-data-manipulation(41987)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41987"
},
{
"name": "1022256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022256"
},
{
"name": "MDVSA-2008:114",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:114"
},
{
"name": "20091112 rPSA-2009-0143-1 util-linux util-linux-extras",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/507854/100/0/threaded"
},
{
"name": "28983",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28983"
},
{
"name": "oval:org.mitre.oval:def:9833",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9833"
},
{
"name": "35161",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35161"
},
{
"name": "FEDORA-2008-3419",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00624.html"
},
{
"name": "RHSA-2009:0981",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0981.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2008-1926",
"datePublished": "2008-04-23T17:00:00.000Z",
"dateReserved": "2008-04-23T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:40:59.909Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2011-1677
Vulnerability from fkie_nvd - Published: 2011-04-10 02:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/04/10 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/04/11 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/04/12 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/04/9 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/05/3 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/05/7 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/07/9 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/14/16 | Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/14/5 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/14/7 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/15/6 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/22/4 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/22/6 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/31/3 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/31/4 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/04/01/2 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://secunia.com/advisories/48114 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2011-1691.html | Third Party Advisory | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=688980 | Issue Tracking | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/66703 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/04/10 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/04/11 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/04/12 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/04/9 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/05/3 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/05/7 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/07/9 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/14/16 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/14/5 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/14/7 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/15/6 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/22/4 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/22/6 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/31/3 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/31/4 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/04/01/2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48114 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-1691.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=688980 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/66703 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | util-linux | * | |
| linux | util-linux | 2.2 | |
| linux | util-linux | 2.5 | |
| linux | util-linux | 2.7 | |
| linux | util-linux | 2.8 | |
| linux | util-linux | 2.9 | |
| linux | util-linux | 2.10 | |
| linux | util-linux | 2.11 | |
| linux | util-linux | 2.12 | |
| linux | util-linux | 2.12 | |
| linux | util-linux | 2.13 | |
| linux | util-linux | 2.13 | |
| linux | util-linux | 2.14 | |
| linux | util-linux | 2.15 | |
| linux | util-linux | 2.16 | |
| linux | util-linux | 2.17 | |
| linux | util-linux | 2.18 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linux:util-linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60DFC5FF-1ABB-4D06-8560-E47906167008",
"versionEndIncluding": "2.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F0DF11CD-62F9-4987-93F6-8012C63B289C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A6112B77-093B-431E-96A9-96BBC0823C76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "797A1C0F-D246-41A2-91D2-5563E4578D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AD69B2A5-614A-435A-92C4-1E2121D4C175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4BE902C9-4305-481A-8455-077436F42ECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "2A9F9C93-3286-4C3C-B41A-86E71FA38E0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "FCECA06B-7844-482D-A726-2AD89D34C372",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "437651F4-1017-430B-A824-E3C2EEEDB56D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.12:pre:*:*:*:*:*:*",
"matchCriteriaId": "B8DBBF88-CD87-4AC7-9FEE-542C370DAE94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "393F4032-A538-489F-8643-27608E4D51B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.13:pre:*:*:*:*:*:*",
"matchCriteriaId": "87EC9E05-7338-4261-A956-07CC209E4464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "206B8BAA-C7EE-464A-BCCE-8A56B45C2A6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "55F6C45C-5EF1-49F0-99E7-D51E39DD5D93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "459F34A9-078A-4B7D-95B9-C2ED16733B0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "27CE48D2-785D-46C4-A8F3-5EC12A02C565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "7193DFEA-3B0D-4E45-B262-E0078549FB2E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors."
},
{
"lang": "es",
"value": "mount en util-linux v2.19 y anteriores no elimina el archivo lock /etc/mtab~ despu\u00e9s de un intento fallido de a\u00f1adir un punto de montaje, lo cual tiene un impacto no especificado y vectores de ataque locales."
}
],
"id": "CVE-2011-1677",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-04-10T02:55:02.103",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48114"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1691.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66703"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1691.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66703"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2011-1676
Vulnerability from fkie_nvd - Published: 2011-04-10 02:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/04/10 | ||
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/04/11 | ||
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/04/12 | ||
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/04/9 | ||
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/05/3 | ||
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/05/7 | ||
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/07/9 | ||
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/14/16 | ||
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/14/5 | ||
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/14/7 | ||
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/15/6 | ||
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/22/4 | ||
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/22/6 | ||
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/31/3 | Exploit | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/31/4 | ||
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/04/01/2 | ||
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=688980 | Exploit | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/66704 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/04/10 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/04/11 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/04/12 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/04/9 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/05/3 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/05/7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/07/9 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/14/16 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/14/5 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/14/7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/15/6 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/22/4 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/22/6 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/31/3 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/31/4 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/04/01/2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=688980 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/66704 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | util-linux | * | |
| linux | util-linux | 2.2 | |
| linux | util-linux | 2.5 | |
| linux | util-linux | 2.7 | |
| linux | util-linux | 2.8 | |
| linux | util-linux | 2.9 | |
| linux | util-linux | 2.10 | |
| linux | util-linux | 2.11 | |
| linux | util-linux | 2.12 | |
| linux | util-linux | 2.12 | |
| linux | util-linux | 2.13 | |
| linux | util-linux | 2.13 | |
| linux | util-linux | 2.14 | |
| linux | util-linux | 2.15 | |
| linux | util-linux | 2.16 | |
| linux | util-linux | 2.17 | |
| linux | util-linux | 2.18 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linux:util-linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60DFC5FF-1ABB-4D06-8560-E47906167008",
"versionEndIncluding": "2.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F0DF11CD-62F9-4987-93F6-8012C63B289C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A6112B77-093B-431E-96A9-96BBC0823C76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "797A1C0F-D246-41A2-91D2-5563E4578D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AD69B2A5-614A-435A-92C4-1E2121D4C175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4BE902C9-4305-481A-8455-077436F42ECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "2A9F9C93-3286-4C3C-B41A-86E71FA38E0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "FCECA06B-7844-482D-A726-2AD89D34C372",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "437651F4-1017-430B-A824-E3C2EEEDB56D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.12:pre:*:*:*:*:*:*",
"matchCriteriaId": "B8DBBF88-CD87-4AC7-9FEE-542C370DAE94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "393F4032-A538-489F-8643-27608E4D51B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.13:pre:*:*:*:*:*:*",
"matchCriteriaId": "87EC9E05-7338-4261-A956-07CC209E4464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "206B8BAA-C7EE-464A-BCCE-8A56B45C2A6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "55F6C45C-5EF1-49F0-99E7-D51E39DD5D93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "459F34A9-078A-4B7D-95B9-C2ED16733B0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "27CE48D2-785D-46C4-A8F3-5EC12A02C565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "7193DFEA-3B0D-4E45-B262-E0078549FB2E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations."
},
{
"lang": "es",
"value": "mount in util-linux v2.19 y anteriores no elimina el fichero /etc/mtab.tmp despu\u00e9s de un intento fallido de a\u00f1adir un punto de montaje, lo que permite a usuarios locales provocar una corrupci\u00f3n del fichero /etc/mtab mediante m\u00faltiples llamadas."
}
],
"id": "CVE-2011-1676",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-04-10T02:55:01.977",
"references": [
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
},
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66704"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66704"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2011-1675
Vulnerability from fkie_nvd - Published: 2011-04-10 02:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/04/10 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/04/11 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/04/12 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/04/9 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/05/3 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/05/7 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/07/9 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/14/16 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/14/5 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/14/7 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/15/6 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/22/4 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/22/6 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/31/3 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/31/4 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/04/01/2 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://secunia.com/advisories/48114 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2011-1691.html | Third Party Advisory | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=688980 | Issue Tracking | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/66705 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/04/10 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/04/11 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/04/12 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/04/9 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/05/3 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/05/7 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/07/9 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/14/16 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/14/5 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/14/7 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/15/6 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/22/4 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/22/6 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/31/3 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/31/4 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/04/01/2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48114 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-1691.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=688980 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/66705 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | util-linux | * | |
| linux | util-linux | 2.2 | |
| linux | util-linux | 2.5 | |
| linux | util-linux | 2.7 | |
| linux | util-linux | 2.8 | |
| linux | util-linux | 2.9 | |
| linux | util-linux | 2.10 | |
| linux | util-linux | 2.11 | |
| linux | util-linux | 2.12 | |
| linux | util-linux | 2.12 | |
| linux | util-linux | 2.13 | |
| linux | util-linux | 2.13 | |
| linux | util-linux | 2.14 | |
| linux | util-linux | 2.15 | |
| linux | util-linux | 2.16 | |
| linux | util-linux | 2.17 | |
| linux | util-linux | 2.18 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linux:util-linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60DFC5FF-1ABB-4D06-8560-E47906167008",
"versionEndIncluding": "2.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F0DF11CD-62F9-4987-93F6-8012C63B289C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A6112B77-093B-431E-96A9-96BBC0823C76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "797A1C0F-D246-41A2-91D2-5563E4578D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AD69B2A5-614A-435A-92C4-1E2121D4C175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4BE902C9-4305-481A-8455-077436F42ECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "2A9F9C93-3286-4C3C-B41A-86E71FA38E0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "FCECA06B-7844-482D-A726-2AD89D34C372",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "437651F4-1017-430B-A824-E3C2EEEDB56D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.12:pre:*:*:*:*:*:*",
"matchCriteriaId": "B8DBBF88-CD87-4AC7-9FEE-542C370DAE94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "393F4032-A538-489F-8643-27608E4D51B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.13:pre:*:*:*:*:*:*",
"matchCriteriaId": "87EC9E05-7338-4261-A956-07CC209E4464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "206B8BAA-C7EE-464A-BCCE-8A56B45C2A6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "55F6C45C-5EF1-49F0-99E7-D51E39DD5D93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "459F34A9-078A-4B7D-95B9-C2ED16733B0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "27CE48D2-785D-46C4-A8F3-5EC12A02C565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "7193DFEA-3B0D-4E45-B262-E0078549FB2E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089."
},
{
"lang": "es",
"value": "mount in util-linux v2.19 y anteriores, intenta a\u00f1adir al fichero /etc/mtab.tmp sin primero comprobar si los limites del recurso interfieren, lo que permite a usuarios locales provocar una corrupci\u00f3n del fichero /etc/mtab mediante un proceso con un valor RLIMIT_FSIZE peque\u00f1o, un asunto relacionado con CVE-2011-1089."
}
],
"id": "CVE-2011-1675",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-04-10T02:55:01.853",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48114"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1691.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66705"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1691.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66705"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2008-1926
Vulnerability from fkie_nvd - Published: 2008-04-24 05:05 - Updated: 2025-04-09 00:30
Severity ?
Summary
Argument injection vulnerability in login (login-utils/login.c) in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events, as demonstrated by appending an "addr=" statement to the login name, aka "audit log injection."
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=blobdiff%3Bf=login-utils/login.c%3Bh=230121316d953c59e7842c1325f6e9f326a37608%3Bhp=aad27794327c60391b5148b367d2c79338fc6ee4%3Bhb=8ccf0b253ac0f4f58d64bc9674de18bff5a88782%3Bhpb=3a4a13b12a8065b0b5354686d2807cce421a9973 | ||
| secalert@redhat.com | http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=commit%3Bh=8ccf0b253ac0f4f58d64bc9674de18bff5a88782 | ||
| secalert@redhat.com | http://secunia.com/advisories/29982 | ||
| secalert@redhat.com | http://secunia.com/advisories/30014 | ||
| secalert@redhat.com | http://secunia.com/advisories/35161 | ||
| secalert@redhat.com | http://wiki.rpath.com/Advisories:rPSA-2009-0143 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2008:114 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0981.html | ||
| secalert@redhat.com | http://www.securityfocus.com/archive/1/507854/100/0/threaded | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/28983 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1022256 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2008/1392/references | ||
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/41987 | ||
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9833 | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00624.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=blobdiff%3Bf=login-utils/login.c%3Bh=230121316d953c59e7842c1325f6e9f326a37608%3Bhp=aad27794327c60391b5148b367d2c79338fc6ee4%3Bhb=8ccf0b253ac0f4f58d64bc9674de18bff5a88782%3Bhpb=3a4a13b12a8065b0b5354686d2807cce421a9973 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=commit%3Bh=8ccf0b253ac0f4f58d64bc9674de18bff5a88782 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29982 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30014 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35161 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://wiki.rpath.com/Advisories:rPSA-2009-0143 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2008:114 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0981.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/507854/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/28983 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1022256 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/1392/references | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/41987 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9833 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00624.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | util-linux | 2.13 | |
| linux | util-linux | 2.13.0.1 | |
| linux | util-linux | 2.13.1 | |
| linux | util-linux | 2.13.1.1 | |
| linux | util-linux | 2.14 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linux:util-linux:2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "393F4032-A538-489F-8643-27608E4D51B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8756FB28-086B-472F-8F0B-29570EE41BBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3D1ADC6E-3146-480E-BA04-5030C3E95AD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.13.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9B4D85E2-1EE1-40BA-9FE7-FE2C0779FA16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linux:util-linux:2.14:rc1:*:*:*:*:*:*",
"matchCriteriaId": "6EC054D9-5945-4BB9-A200-B764E4806D96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Argument injection vulnerability in login (login-utils/login.c) in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events, as demonstrated by appending an \"addr=\" statement to the login name, aka \"audit log injection.\""
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n de argumento en login (login-utils/login.c) de util-linux-ng 2.14 y anteriores, hace que atacantes remotos puedan esconder f\u00e1cilmente sus actividades modificando partes del log de sucesos, como se ha demostrado a\u00f1adiendo una sentencia \"addr=\" en el campo \"name\" del login, tambi\u00e9n conocido como \"audit log injection.\""
}
],
"id": "CVE-2008-1926",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-04-24T05:05:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=blobdiff%3Bf=login-utils/login.c%3Bh=230121316d953c59e7842c1325f6e9f326a37608%3Bhp=aad27794327c60391b5148b367d2c79338fc6ee4%3Bhb=8ccf0b253ac0f4f58d64bc9674de18bff5a88782%3Bhpb=3a4a13b12a8065b0b5354686d2807cce421a9973"
},
{
"source": "secalert@redhat.com",
"url": "http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=commit%3Bh=8ccf0b253ac0f4f58d64bc9674de18bff5a88782"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/29982"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/30014"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/35161"
},
{
"source": "secalert@redhat.com",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0143"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:114"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0981.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/507854/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/28983"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1022256"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2008/1392/references"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41987"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9833"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00624.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=blobdiff%3Bf=login-utils/login.c%3Bh=230121316d953c59e7842c1325f6e9f326a37608%3Bhp=aad27794327c60391b5148b367d2c79338fc6ee4%3Bhb=8ccf0b253ac0f4f58d64bc9674de18bff5a88782%3Bhpb=3a4a13b12a8065b0b5354686d2807cce421a9973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=commit%3Bh=8ccf0b253ac0f4f58d64bc9674de18bff5a88782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30014"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/35161"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0981.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/507854/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28983"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1392/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41987"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9833"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00624.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vendorComments": [
{
"comment": "Red Hat is aware of this issue affecting Red Hat Enterprise Linux 5 and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2008-1926\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. \n\nThis issue has been addressed in Red Hat Enterprise Linux 4 with the following update:\nhttps://rhn.redhat.com/errata/RHSA-2009-0981.html",
"lastModified": "2009-05-18T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}