ALT-PU-2019-1609-1
Package util-linux updated to version 2.33.1-alt1 for branch sisyphus in task 226906.
Closed vulnerabilities
Published: 2018-07-27
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-2616
A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.
Severity: MEDIUM (4.7)
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
- RHSA-2017:0654
- RHSA-2017:0654
- 96404
- 96404
- 1038271
- 1038271
- RHSA-2017:0907
- RHSA-2017:0907
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2616
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2616
- https://github.com/karelzak/util-linux/commit/dffab154d29a288aa171ff50263ecc8f2e14a891
- https://github.com/karelzak/util-linux/commit/dffab154d29a288aa171ff50263ecc8f2e14a891
- GLSA-201706-02
- GLSA-201706-02
- DSA-3793
- DSA-3793