RHSA-2017:0907

Affecting util-linux package, versions <0:2.23.2-33.el7_3.2

Report new vulnerabilities
medium severity
Do your applications use this vulnerable package? Test your applications

Overview

The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fix(es): * A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. (CVE-2017-2616) Red Hat would like to thank Tobias Stöckmann for reporting this issue. Bug Fix(es): * The "findmnt --target " command prints all file systems where the mount point directory is . Previously, when used in the chroot environment, "findmnt --target " incorrectly displayed all mount points. The command has been fixed so that it now checks the mount point path and returns information only for the relevant mount point. (BZ#1414481)

CVE
RHSA-2017:0907
Snyk ID
SNYK-CENTOS7-UTILLINUX-285799
Published
27 Jun, 2018