CVE-2022-0563: [ANNOUNCE] util-linux v2.37.4

* [ANNOUNCE] util-linux v2.37.4 @ 2022-02-14 11:06 Karel Zak 0 siblings, 0 replies; only message in thread From: Karel Zak @ 2022-02-14 11:06 UTC (permalink / raw) To: linux-kernel, linux-fsdevel, util-linux

The util-linux release v2.37.4 is available at

http://www.kernel.org/pub/linux/utils/util-linux/v2.37/

Feedback and bug reports, as always, are welcomed.

This release fixes security issue in chsh(1) and chfn(8) when util-linux compiled with libreadline.

CVE-2022-0563

The readline library uses INPUTRC= environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file.

Unfortunately, the library does not use secure_getenv() (or a similar concept), or sanitize the config file path to avoid vulnerabilities that could occur if set-user-ID or set-group-ID programs.

Note, this vulnerability has been reproduced on chfn(8), but this command requires enabled CHFN_RESTRICT setting in /etc/login.defs. This setting may be disabled by default.

– Karel Zak [email protected] http://karelzak.blogspot.com

^ permalink raw reply [flat|nested] only message in thread

only message in thread, other threads:[~2022-02-14 11:28 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed) – links below jump to the message on this page – 2022-02-14 11:06 [ANNOUNCE] util-linux v2.37.4 Karel Zak

This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).