Information on source package util-linux

Available versions

ReleaseVersion
jessie2.26.2+really2.25.2-6+deb8u2
stretch2.29.2-1+deb9u3
stretch (security)2.29.2-1+deb9u1
buster2.33.1-0.1+deb10u1
bullseye2.36.1-8+deb11u2
bookworm2.38.1-5+deb12u2
bookworm (security)2.38.1-5+deb12u1
trixie2.40.2-12
sid2.40.2-12

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2020-21583vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedfixedAn issue was discovered in hwclock.13-v2.27 allows attackers to gain e ...
CVE-2016-5011vulnerable (no DSA)fixedfixedfixedfixedfixedfixedThe parse_dos_extended function in partitions/dos.c in the libblkid li ...
CVE-2016-2779vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedfixedrunuser in util-linux allows local users to escape to the parent sessi ...

Open unimportant issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
TEMP-0786804-C23D2Bvulnerablefixedfixedfixedfixedfixedfixedhwclock(8) SUID privilege escalation
CVE-2022-0563vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableA flaw was found in the util-linux chfn and chsh utilities when compil ...
CVE-2017-2616vulnerablefixedfixedfixedfixedfixedfixedA race condition was found in util-linux before 2.32.1 in the way su h ...
CVE-2015-5224vulnerablefixedfixedfixedfixedfixedfixedThe mkostemp function in login-utils in util-linux when used incorrect ...
CVE-2015-5218vulnerablefixedfixedfixedfixedfixedfixedBuffer overflow in text-utils/colcrt.c in colcrt in util-linux before ...

Resolved issues

BugDescription
CVE-2024-28085wall in util-linux through 2.40, often installed with setgid tty permi ...
CVE-2021-37600An integer overflow in util-linux through 2.37.1 can potentially cause ...
CVE-2021-3996A logic error was found in the libmount library of util-linux in the f ...
CVE-2021-3995A logic error was found in the libmount library of util-linux in the f ...
CVE-2018-7738In util-linux before 2.32-rc1, bash-completion/umount allows local use ...
CVE-2014-9114Blkid in util-linux before 2.26rc-1 allows local users to execute arbi ...
CVE-2013-0157(a) mount and (b) umount in util-linux 2.14.1, 2.17.2, and probably ot ...
CVE-2011-1677mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ lo ...
CVE-2011-1675mount in util-linux 2.19 and earlier attempts to append to the /etc/mt ...
CVE-2008-1926Argument injection vulnerability in login (login-utils/login.c) in uti ...
CVE-2007-5191mount and umount in util-linux and loop-aes-utils call the setuid and ...
CVE-2007-0822umount, when running with the Linux 2.6.15 kernel on Slackware Linux 1 ...
CVE-2006-7108login in util-linux-2.12a skips pam_acct_mgmt and chauth_tok when auth ...
CVE-2005-2876umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other ...
CVE-2001-1494script command in the util-linux package before 2.11n allows local use ...

Security announcements

DSA / DLADescription
ELA-1154-1util-linux - security update
ELA-1078-1util-linux - security update
DLA-3782-1util-linux - security update
DSA-5650-1util-linux - security update
DSA-5055-1util-linux - security update
DSA-4134-1util-linux - security update
DSA-1450-1util-linux privilege escalation
DSA-823-1util-linux - privilege escalation

Search for package or bug name: Reporting problems