VulnerableCode Package Details - pkg:deb/ubuntu/util-linux@2.31.1-0.4ubuntu3.6

Search for packages

Package details: pkg:deb/ubuntu/util-linux@2.31.1-0.4ubuntu3.6

Essentials
History (0)

purl	pkg:deb/ubuntu/util-linux@2.31.1-0.4ubuntu3.6

Next non-vulnerable version	2.33.1-0.1ubuntu2
Latest non-vulnerable version	2.33.1-0.1ubuntu2
Risk	3.9

Vulnerabilities affecting this package (3)

Vulnerability	Summary	Fixed by
VCID-48cm-kxb5-aaag Aliases: CVE-2016-2779	runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.	2.33.1-0.1ubuntu2 Affected by 0 other vulnerabilities.
VCID-xgvn-7emk-aaaj Aliases: CVE-2018-7738	In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.	2.33.1-0.1ubuntu2 Affected by 0 other vulnerabilities.
VCID-xkfe-mpjz-aaap Aliases: CVE-2016-5011	The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.	2.33.1-0.1ubuntu2 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version