A incorrect variable in a SUSE specific patch for pam_access rule matching in PAM 1.3.0 in openSUSE Leap 15.0 and SUSE Linux Enterprise 15 could lead to pam_access rules not being applied (fail open).
Max CVSS
9.3
EPSS Score
0.22%
Published
2018-11-27
Updated
2019-10-09
In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.
Max CVSS
7.8
EPSS Score
0.04%
Published
2018-03-07
Updated
2020-09-25
runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
Max CVSS
7.8
EPSS Score
0.04%
Published
2017-02-07
Updated
2019-01-04
The mkostemp function in login-utils in util-linux when used incorrectly allows remote attackers to cause file name collision and possibly other attacks.
Max CVSS
9.8
EPSS Score
0.60%
Published
2017-08-23
Updated
2020-09-11
Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code.
Max CVSS
7.8
EPSS Score
0.04%
Published
2017-03-31
Updated
2021-06-29
mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs.
Max CVSS
7.2
EPSS Score
0.07%
Published
2007-10-04
Updated
2020-11-04
6 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!