| Release | Version |
|---|---|
| jessie | 2.25.2-6 |
| stretch | 2.29.2-1+deb9u1 |
| buster | 2.33.1-0.1 |
| buster (security) | 2.33.1-0.1+deb10u1 |
| bullseye | 2.36.1-8+deb11u1 |
| bullseye (security) | 2.36.1-8+deb11u2 |
| bookworm | 2.38.1-5 |
| bookworm (security) | 2.38.1-5+deb12u1 |
| trixie | 2.39.3-6 |
| sid | 2.40-6 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-28085 | vulnerable | vulnerable | fixed | fixed | fixed | vulnerable | fixed | wall in util-linux through 2.40, often installed with setgid tty permi ... |
| CVE-2021-37600 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | An integer overflow in util-linux through 2.37.1 can potentially cause ... |
| CVE-2020-21583 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in hwclock.13-v2.27 allows attackers to gain e ... |
| CVE-2016-5011 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | The parse_dos_extended function in partitions/dos.c in the libblkid li ... |
| CVE-2016-2779 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | runuser in util-linux allows local users to escape to the parent sessi ... |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| TEMP-0786804-C23D2B | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | hwclock(8) SUID privilege escalation |
| CVE-2022-0563 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | A flaw was found in the util-linux chfn and chsh utilities when compil ... |
| CVE-2017-2616 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | A race condition was found in util-linux before 2.32.1 in the way su h ... |
| CVE-2015-5224 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | The mkostemp function in login-utils in util-linux when used incorrect ... |
| CVE-2015-5218 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | Buffer overflow in text-utils/colcrt.c in colcrt in util-linux before ... |
| Bug | Description |
|---|---|
| CVE-2021-3996 | A logic error was found in the libmount library of util-linux in the f ... |
| CVE-2021-3995 | A logic error was found in the libmount library of util-linux in the f ... |
| CVE-2018-7738 | In util-linux before 2.32-rc1, bash-completion/umount allows local use ... |
| CVE-2014-9114 | Blkid in util-linux before 2.26rc-1 allows local users to execute arbi ... |
| CVE-2013-0157 | (a) mount and (b) umount in util-linux 2.14.1, 2.17.2, and probably ot ... |
| CVE-2011-1677 | mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ lo ... |
| CVE-2011-1675 | mount in util-linux 2.19 and earlier attempts to append to the /etc/mt ... |
| CVE-2008-1926 | Argument injection vulnerability in login (login-utils/login.c) in uti ... |
| CVE-2007-5191 | mount and umount in util-linux and loop-aes-utils call the setuid and ... |
| CVE-2007-0822 | umount, when running with the Linux 2.6.15 kernel on Slackware Linux 1 ... |
| CVE-2006-7108 | login in util-linux-2.12a skips pam_acct_mgmt and chauth_tok when auth ... |
| CVE-2005-2876 | umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other ... |
| CVE-2001-1494 | script command in the util-linux package before 2.11n allows local use ... |
| DSA / DLA | Description |
|---|---|
| DLA-3782-1 | util-linux - security update |
| DSA-5650-1 | util-linux - security update |
| DSA-5055-1 | util-linux - security update |
| DSA-4134-1 | util-linux - security update |
| DSA-1450-1 | util-linux privilege escalation |
| DSA-823-1 | util-linux - privilege escalation |