Security
Headlines
HeadlinesLatestCVEs

Headline

Gentoo Linux Security Advisory 202401-08

Gentoo Linux Security Advisory 202401-8 - Multiple vulnerabilities have been discovered in util-linux which can lead to denial of service or information disclosure. Versions greater than or equal to 2.37.4 are affected.

Packet Storm
#vulnerability#web#mac#linux#dos

Gentoo Linux Security Advisory GLSA 202401-08


                                       https://security.gentoo.org/  

Severity: Normal
Title: util-linux: Multiple Vulnerabilities
Date: January 07, 2024
Bugs: #806070, #831978, #833365
ID: 202401-08


Synopsis

Multiple vulnerabilities have been discovered in util-linux which can
lead to denial of service or information disclosure.

Background

util-linux is a suite of Linux programs including mount and umount,
programs used to mount and unmount filesystems.

Affected packages

Package Vulnerable Unaffected


sys-apps/util-linux < 2.37.4 >= 2.37.4

Description

Multiple vulnerabilities have been discovered in util-linux. Please
review the CVE identifiers referenced below for details.

Impact

Please review the referenced CVE identifiers for details.

Workaround

There is no known workaround at this time.

Resolution

All util-linux users should upgrade to the latest version:

emerge --sync

emerge --ask --oneshot --verbose “>=sys-apps/util-linux-2.37.4”

References

[ 1 ] CVE-2021-3995
https://nvd.nist.gov/vuln/detail/CVE-2021-3995
[ 2 ] CVE-2021-3996
https://nvd.nist.gov/vuln/detail/CVE-2021-3996
[ 3 ] CVE-2021-37600
https://nvd.nist.gov/vuln/detail/CVE-2021-37600
[ 4 ] CVE-2022-0563
https://nvd.nist.gov/vuln/detail/CVE-2022-0563

Availability

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

https://security.gentoo.org/glsa/202401-08

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users’ machines is of utmost
importance to us. Any security concerns should be addressed to
[email protected] or alternatively, you may file a bug at
https://bugs.gentoo.org.

License

Copyright 2024 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Related news

CVE-2023-43074: DSA-2023-141: Dell Unity, Unity VSA and Unity XT Security Update for Multiple Vulnerability

Dell Unity 5.3 contain(s) an Arbitrary File Creation vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by crafting arbitrary files through a request to the server.

CVE-2023-28069: DSA-2022-258: Dell Streaming Data Platform Security Update for Multiple Third-Party Component Vulnerabilities

Dell Streaming Data Platform prior to 1.4 contains Open Redirect vulnerability. An attacker with privileges same as a legitimate user can phish the legitimate the user to redirect to malicious website leading to information disclosure and launch of phishing attacks.

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]

snap-confine must_mkdir_and_open_with_perms() Race Condition

Qualys discovered a race condition (CVE-2022-3328) in snap-confine, a SUID-root program installed by default on Ubuntu. In this advisory,they tell the story of this vulnerability (which was introduced in February 2022 by the patch for CVE-2021-44731) and detail how they exploited it in Ubuntu Server (a local privilege escalation, from any user to root) by combining it with two vulnerabilities in multipathd (an authorization bypass and a symlink attack, CVE-2022-41974 and CVE-2022-41973).

snap-confine must_mkdir_and_open_with_perms() Race Condition

Qualys discovered a race condition (CVE-2022-3328) in snap-confine, a SUID-root program installed by default on Ubuntu. In this advisory,they tell the story of this vulnerability (which was introduced in February 2022 by the patch for CVE-2021-44731) and detail how they exploited it in Ubuntu Server (a local privilege escalation, from any user to root) by combining it with two vulnerabilities in multipathd (an authorization bypass and a symlink attack, CVE-2022-41974 and CVE-2022-41973).

CVE-2021-3995: Invalid Bug ID

A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows an unprivileged local attacker to unmount FUSE filesystems that belong to certain other users who have a UID that is a prefix of the UID of the attacker in its string form. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems.

CVE-2021-3996: libmount: remove support for deleted mount table entries · util-linux/util-linux@166e873

A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users' filesystems that are either world-writable themselves (like /tmp) or mounted in a world-writable directory. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems.

CVE-2022-0563: [ANNOUNCE] util-linux v2.37.4

A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.

Packet Storm: Latest News

Ivanti EPM Agent Portal Command Execution