Download
| Alert*
|
oval:org.secpod.oval:def:89002255
This update for util-linux fixes the following issues: This non-security issue was fixed: - CVE-2018-7738: bash-completion/umount allowed local users to gain privileges by embedding shell commands in a mountpoint name, which was mishandled during a umount command by a different user . These non-secu ... oval:org.secpod.oval:def:603306 Bjorn Bosselmann discovered that the umount bash completion from util-linux does not properly handle embedded shell commands in a mountpoint name. An attacker with rights to mount filesystems can take advantage of this flaw for privilege escalation if a user is tricked into using the umount complet ... oval:org.secpod.oval:def:705633 util-linux: miscellaneous system utilities util-linux could be made to run programs when performing bash completion. oval:org.secpod.oval:def:67118 util-linux: miscellaneous system utilities util-linux could be made to run programs when performing bash completion. oval:org.secpod.oval:def:3301666 Security update for util-linux oval:org.secpod.oval:def:1701083 A command injection flaw was found in the way util-linux implements umount autocompletion in Bash. An attacker with the ability to mount a filesystem with custom mount points may execute arbitrary commands on behalf of the user who triggers the umount autocompletion oval:org.secpod.oval:def:53271 Bjorn Bosselmann discovered that the umount bash completion from util-linux does not properly handle embedded shell commands in a mountpoint name. An attacker with rights to mount filesystems can take advantage of this flaw for privilege escalation if a user is tricked into using the umount complet ... oval:org.secpod.oval:def:89002279 This update for util-linux fixes the following issues: This non-security issue was fixed: - CVE-2018-7738: bash-completion/umount allowed local users to gain privileges by embedding shell commands in a mountpoint name, which was mishandled during a umount command by a different user . These non-secu ... oval:org.secpod.oval:def:114133 The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, Util-linux contains the fdisk configuration tool and the login program. oval:org.secpod.oval:def:89049649 This update for util-linux fixes the following security issue: - CVE-2018-7738: Fix local vulnerability using embedded shell commands in a mountpoint name oval:org.secpod.oval:def:89049249 This update for util-linux fixes the following issues: * CVE-2018-7738: Fixed shell code injection in umount bash-completions oval:org.secpod.oval:def:89003480 This update for util-linux fixes the following issues: This non-security issue was fixed: - CVE-2018-7738: bash-completion/umount allowed local users to gain privileges by embedding shell commands in a mountpoint name, which was mishandled during a umount command by a different user . These non-secu ... oval:org.secpod.oval:def:89051155 This update for util-linux fixes the following issues: * CVE-2018-7738: Fixed shell code injection in umount bash-completions . |
