Download
| Alert*
oval:org.secpod.oval:def:89043489
This update for coreutils fixes one issue. This security issue was fixed: - CVE-2017-2616: In su with PAM support it was possible for local users to send SIGKILL to selected other processes with root privileges oval:org.secpod.oval:def:204474 The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fix: * A race condition was found in the way su handled the management of child pr ... oval:org.secpod.oval:def:89044717 This update for util-linux fixes the following issues: This security issue was fixed: - CVE-2017-2616: In su with PAM support it was possible for local users to send SIGKILL to selected other processes with root privileges . This non-security issues were fixed: - lscpu: Implement WSL detection and w ... oval:org.secpod.oval:def:204659 The coreutils packages contain the GNU Core Utilities and represent a combination of the previously used GNU fileutils, sh-utils, and textutils packages. Security Fix: * A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this ... oval:org.secpod.oval:def:1901692 A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. oval:org.secpod.oval:def:112104 The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, Util-linux contains the fdisk configuration tool and the login program. oval:org.secpod.oval:def:502012 The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fix: * A race condition was found in the way su handled the management of child pr ... oval:org.secpod.oval:def:112080 The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, Util-linux contains the fdisk configuration tool and the login program. oval:org.secpod.oval:def:1600694 Sending SIGKILL to other processes with root privileges via su:A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. oval:org.secpod.oval:def:1501816 The coreutils packages contain the GNU Core Utilities and represent a combination of the previously used GNU fileutils, sh-utils, and textutils packages. Security Fix: * A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this ... oval:org.secpod.oval:def:703584 shadow: system login tools su could be made to crash or stop programs as an administrator. oval:org.secpod.oval:def:51782 shadow: system login tools su could be made to crash or stop programs as an administrator. oval:org.secpod.oval:def:1800451 CVE-2016-6252: Integer overflow in shadow 4.2.1 allows local users to gain privileges via crafted input to newuidmap. oval:org.secpod.oval:def:502006 The coreutils packages contain the GNU Core Utilities and represent a combination of the previously used GNU fileutils, sh-utils, and textutils packages. Security Fix: * A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this ... oval:org.secpod.oval:def:602780 Several vulnerabilities were discovered in the shadow suite. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-6252 An integer overflow vulnerability was discovered, potentially allowing a local user to escalate privileges via crafted input to the newuidmap ... oval:org.secpod.oval:def:1501823 The advisory is missing the security advisory description. For more information please visit the reference link |