CVE-2016-5011

CVSS 4.9 - MEDIUM
Attack vector: LOCAL
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: COMPLETE
Tags: local, low complexity, kernel, redhat, ibm, nessus

Summary

The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.

Vulnerable Configurations

Part         Description  Count
Application  Kernel       141
Application  Ibm          3
OS           Redhat       15

Nessus

  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_SU-2017-0553-1.NASL
    description: This update for util-linux fixes a number of bugs and two security issues. The following security bugs were fixed : - CVE-2016-5011: Infinite loop DoS in libblkid while parsing DOS partition (bsc#988361) - CVE-2017-2616: In su with PAM support it was possible for local users to send SIGKILL to selected other processes with root privileges (bsc#1023041). The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 97380
    published: 2017-02-24
    reporter: This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/97380
    title: SUSE SLES12 Security Update : util-linux (SUSE-SU-2017:0553-1)
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2017:0553-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(97380);
      script_version("3.11");
      script_cvs_date("Date: 2019/09/11 11:22:15");
    
      script_cve_id("CVE-2016-5011", "CVE-2017-2616");
    
      script_name(english:"SUSE SLES12 Security Update : util-linux (SUSE-SU-2017:0553-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for util-linux fixes a number of bugs and two security
    issues. The following security bugs were fixed :
    
      - CVE-2016-5011: Infinite loop DoS in libblkid while
        parsing DOS partition (bsc#988361)
    
      - CVE-2017-2616: In su with PAM support it was possible
        for local users to send SIGKILL to selected other
        processes with root privileges (bsc#1023041).
    
    The update package also includes non-security fixes. See advisory for
    details.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1008965"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1012504"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1012632"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1019332"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1020077"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1023041"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=947494"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=966891"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=978993"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=982331"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=983164"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=987176"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=988361"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-5011/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-2616/"
      );
      # https://www.suse.com/support/update/announcement/2017/suse-su-20170553-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?0dd6fd0d"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Server for SAP 12:zypper in -t patch
    SUSE-SLE-SAP-12-2017-290=1
    
    SUSE Linux Enterprise Server 12-LTSS:zypper in -t patch
    SUSE-SLE-SERVER-12-2017-290=1
    
    To bring your system up-to-date, use 'zypper patch'."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libblkid1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libblkid1-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmount1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmount1-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsmartcols1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsmartcols1-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libuuid1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libuuid1-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-libmount");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-libmount-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-libmount-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:util-linux");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:util-linux-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:util-linux-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:util-linux-systemd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:util-linux-systemd-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:util-linux-systemd-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:uuidd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:uuidd-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2017/04/11");
      script_set_attribute(attribute:"patch_publication_date", value:"2017/02/23");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/02/24");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES12" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libblkid1-2.25-24.10.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libblkid1-debuginfo-2.25-24.10.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libmount1-2.25-24.10.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libmount1-debuginfo-2.25-24.10.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libsmartcols1-2.25-24.10.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libsmartcols1-debuginfo-2.25-24.10.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libuuid1-2.25-24.10.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libuuid1-debuginfo-2.25-24.10.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"python-libmount-2.25-24.10.3")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"python-libmount-debuginfo-2.25-24.10.3")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"python-libmount-debugsource-2.25-24.10.3")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"util-linux-2.25-24.10.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"util-linux-debuginfo-2.25-24.10.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"util-linux-debugsource-2.25-24.10.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"util-linux-systemd-2.25-24.10.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"util-linux-systemd-debuginfo-2.25-24.10.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"util-linux-systemd-debugsource-2.25-24.10.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"uuidd-2.25-24.10.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"uuidd-debuginfo-2.25-24.10.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libblkid1-32bit-2.25-24.10.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libblkid1-debuginfo-32bit-2.25-24.10.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libmount1-32bit-2.25-24.10.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libmount1-debuginfo-32bit-2.25-24.10.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libuuid1-32bit-2.25-24.10.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libuuid1-debuginfo-32bit-2.25-24.10.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "util-linux");
    }
    
  • NASL family: CentOS Local Security Checks
    NASL id: CENTOS_RHSA-2016-2605.NASL
    description: An update for util-linux is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section. The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fix(es) : * It was found that util-linux
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 95351
    published: 2016-11-28
    reporter: This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/95351
    title: CentOS 7 : util-linux (CESA-2016:2605)
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2016:2605 and 
    # CentOS Errata and Security Advisory 2016:2605 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(95351);
      script_version("3.8");
      script_cvs_date("Date: 2020/01/02");
    
      script_cve_id("CVE-2016-5011");
      script_xref(name:"RHSA", value:"2016:2605");
    
      script_name(english:"CentOS 7 : util-linux (CESA-2016:2605)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote CentOS host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An update for util-linux is now available for Red Hat Enterprise Linux
    7.
    
    Red Hat Product Security has rated this update as having a security
    impact of Low. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link (s) in the References section.
    
    The util-linux packages contain a large variety of low-level system
    utilities that are necessary for a Linux system to function. Among
    others, these include the fdisk configuration tool and the login
    program.
    
    Security Fix(es) :
    
    * It was found that util-linux's libblkid library did not properly
    handle Extended Boot Record (EBR) partitions when reading MS-DOS
    partition tables. An attacker with physical USB access to a protected
    machine could insert a storage device with a specially crafted
    partition table that could, for example, trigger an infinite loop in
    systemd-udevd, resulting in a denial of service on that machine.
    (CVE-2016-5011)
    
    Red Hat would like to thank Michael Gruhn for reporting this issue.
    Upstream acknowledges Christian Moch as the original reporter.
    
    Additional Changes :
    
    For detailed information on changes in this release, see the Red Hat
    Enterprise Linux 7.3 Release Notes linked from the References section."
      );
      # https://lists.centos.org/pipermail/centos-cr-announce/2016-November/003549.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?b99c10e1"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected util-linux packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-5011");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libblkid");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libblkid-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libmount");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libmount-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libuuid");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libuuid-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:util-linux");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:uuidd");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:7");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2017/04/11");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/11/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/11/28");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"CentOS Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/CentOS/release");
    if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
    os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
    os_ver = os_ver[1];
    if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 7.x", "CentOS " + os_ver);
    
    if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libblkid-2.23.2-33.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libblkid-devel-2.23.2-33.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libmount-2.23.2-33.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libmount-devel-2.23.2-33.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libuuid-2.23.2-33.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libuuid-devel-2.23.2-33.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"util-linux-2.23.2-33.el7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"uuidd-2.23.2-33.el7")) flag++;
    
    
    if (flag)
    {
      cr_plugin_caveat = '\n' +
        'NOTE: The security advisory associated with this vulnerability has a\n' +
        'fixed package version that may only be available in the continuous\n' +
        'release (CR) repository for CentOS, until it is present in the next\n' +
        'point release of CentOS.\n\n' +
    
        'If an equal or higher package level does not exist in the baseline\n' +
        'repository for your major version of CentOS, then updates from the CR\n' +
        'repository will need to be applied in order to address the\n' +
        'vulnerability.\n';
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get() + cr_plugin_caveat
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libblkid / libblkid-devel / libmount / libmount-devel / libuuid / etc");
    }
    
  • NASL family: Huawei Local Security Checks
    NASL id: EULEROS_SA-2016-1068.NASL
    description: According to the version of the util-linux packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that util-linux
    last seen: 2020-05-06
    modified: 2017-05-01
    plugin id: 99830
    published: 2017-05-01
    reporter: This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/99830
    title: EulerOS 2.0 SP1 : util-linux (EulerOS-SA-2016-1068)
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(99830);
      script_version("1.12");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/04");
    
      script_cve_id(
        "CVE-2016-5011"
      );
    
      script_name(english:"EulerOS 2.0 SP1 : util-linux (EulerOS-SA-2016-1068)");
      script_summary(english:"Checks the rpm output for the updated package.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote EulerOS host is missing a security update.");
      script_set_attribute(attribute:"description", value:
    "According to the version of the util-linux packages installed, the
    EulerOS installation on the remote host is affected by the following
    vulnerability :
    
      - It was found that util-linux's libblkid library did not
        properly handle Extended Boot Record (EBR) partitions
        when reading MS-DOS partition tables. An attacker with
        physical USB access to a protected machine could insert
        a storage device with a specially crafted partition
        table that could, for example, trigger an infinite loop
        in systemd-udevd, resulting in a denial of service on
        that machine.(CVE-2016-5011)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the EulerOS security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues.");
      # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2016-1068
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?8a000368");
      script_set_attribute(attribute:"solution", value:
    "Update the affected util-linux package.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2016/11/03");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/05/01");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libblkid");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libblkid-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libmount");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libuuid");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libuuid-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:util-linux");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:uuidd");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Huawei Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
      script_exclude_keys("Host/EulerOS/uvp_version");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/EulerOS/release");
    if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
    if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");
    
    sp = get_kb_item("Host/EulerOS/sp");
    if (isnull(sp) || sp !~ "^(1)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP1");
    
    uvp = get_kb_item("Host/EulerOS/uvp_version");
    if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP1", "EulerOS UVP " + uvp);
    
    if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
    
    flag = 0;
    
    pkgs = ["libblkid-2.23.2-33",
            "libblkid-devel-2.23.2-33",
            "libmount-2.23.2-33",
            "libuuid-2.23.2-33",
            "libuuid-devel-2.23.2-33",
            "util-linux-2.23.2-33",
            "uuidd-2.23.2-33"];
    
    foreach (pkg in pkgs)
      if (rpm_check(release:"EulerOS-2.0", sp:"1", reference:pkg)) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "util-linux");
    }
    
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_SU-2016-2954-1.NASL
    description: This update for util-linux fixes the following issues : - Consider redundant slashes when comparing paths (bsc#982331, util-linux-libmount-ignore-redundant-slashes.patch, affects backport of util-linux-libmount-cifs-is_mounted.patch). - Use upstream compatibility patches for --show-pt-geometry with obsolescence and deprecation warning (bsc#990531) - Replace cifs mount detection patch with upstream one that covers all cases (bsc#987176). - Reuse existing loop device to prevent possible data corruption when multiple -o loop are used to mount a single file (bsc#947494) - Safe loop re-use in libmount, mount and losetup (bsc#947494) - UPSTREAM DIVERGENCE!!! losetup -L continues to use SLE12 SP1 and SP2 specific meaning --logical-blocksize instead of upstream --nooverlap (bsc#966891). - Make release-dependent conflict with old sysvinit-tools SLE specific, as it is required only for SLE 11 upgrade, and breaks openSUSE staging builds (bsc#994399). - Extended partition loop in MBR partition table leads to DoS (bsc#988361, CVE-2016-5011) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 95424
    published: 2016-12-01
    reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/95424
    title: SUSE SLED12 / SLES12 Security Update : util-linux (SUSE-SU-2016:2954-1)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_SU-2016-2764-1.NASL
    description: This update for util-linux fixes a number of bugs and one minor security issue. The following minor vulnerability was fixed : - CVE-2016-5011: Infinite loop DoS in libblkid while parsing DOS partition (bsc#988361) The following bugs were fixed : - bsc#987176: When mounting a subfolder of a CIFS share, mount -a would show the mount as busy - bsc#947494: mount -a would fail to recognize btrfs already mounted, address loop re-use in libmount - bsc#966891: Conflict in meaning of losetup -L. This switch in SLE12 SP1 and SP2 continues to carry the meaning of --logical-blocksize instead of upstream --nooverlap - bsc#994399: Package would trigger conflicts with sysvinit-tools - bsc#983164: mount uid= and gid= would reject valid non UID/GID values - bsc#978993: cfdisk would mangle some text output - bsc#982331: libmount: ignore redundant slashes Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 94668
    published: 2016-11-10
    reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/94668
    title: SUSE SLED12 / SLES12 Security Update : util-linux (SUSE-SU-2016:2764-1)
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2016-2605.NASL
    description: An update for util-linux is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section. The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fix(es) : * It was found that util-linux
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 94568
    published: 2016-11-04
    reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/94568
    title: RHEL 7 : util-linux (RHSA-2016:2605)
  • NASL family: Oracle Linux Local Security Checks
    NASL id: ORACLELINUX_ELSA-2016-2605.NASL
    description: From Red Hat Security Advisory 2016:2605: An update for util-linux is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fix(es): * It was found that util-linux
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 94724
    published: 2016-11-11
    reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/94724
    title: Oracle Linux 7 : util-linux (ELSA-2016-2605)
  • NASL family: SuSE Local Security Checks
    NASL id: OPENSUSE-2016-1317.NASL
    description: This update for util-linux fixes a number of bugs and one minor security issue.
      The following minor vulnerability was fixed:
      - CVE-2016-5011: Infinite loop DoS in libblkid while parsing DOS partition (bsc#988361)
      The following bugs were fixed:
      - bsc#987176: When mounting a subfolder of a CIFS share, mount -a would show the mount as busy
      - bsc#947494: mount -a would fail to recognize btrfs already mounted, address loop re-use in libmount
      - bsc#966891: Conflict in meaning of losetup -L. This switch in SLE12 SP1 and SP2 continues to carry the meaning of --logical-blocksize instead of upstream --nooverlap
      - bsc#994399: Package would trigger conflicts with sysvinit-tools
      - bsc#983164: mount uid= and gid= would reject valid non UID/GID values
      - bsc#978993: cfdisk would mangle some text output
      - bsc#982331: libmount: ignore redundant slashes
      This update was imported from the SUSE:SLE-12-SP1:Update update project.
    last seen: 2020-06-05
    modified: 2016-11-18
    plugin id: 94951
    published: 2016-11-18
    reporter: This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/94951
    title: openSUSE Security Update : util-linux (openSUSE-2016-1317)
  • NASL family: Scientific Linux Local Security Checks
    NASL id: SL_20161103_UTIL_LINUX_ON_SL7_X.NASL
    description: Security Fix(es): - It was found that util-linux
    last seen: 2020-03-18
    modified: 2016-12-15
    plugin id: 95864
    published: 2016-12-15
    reporter: This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/95864
    title: Scientific Linux Security Update : util-linux on SL7.x x86_64 (20161103)
  • NASL family: SuSE Local Security Checks
    NASL id: OPENSUSE-2016-1446.NASL
    description: This update for util-linux fixes the following issues:
      - Consider redundant slashes when comparing paths (bsc#982331, util-linux-libmount-ignore-redundant-slashes.patch, affects backport of util-linux-libmount-cifs-is_mounted.patch).
      - Use upstream compatibility patches for --show-pt-geometry with obsolescence and deprecation warning (bsc#990531)
      - Replace cifs mount detection patch with upstream one that covers all cases (bsc#987176).
      - Reuse existing loop device to prevent possible data corruption when multiple -o loop are used to mount a single file (bsc#947494)
      - Safe loop re-use in libmount, mount and losetup (bsc#947494)
      - UPSTREAM DIVERGENCE!!! losetup -L continues to use SLE12 SP1 and SP2 specific meaning --logical-blocksize instead of upstream --nooverlap (bsc#966891).
      - Make release-dependent conflict with old sysvinit-tools SLE specific, as it is required only for SLE 11 upgrade, and breaks openSUSE staging builds (bsc#994399).
      - Extended partition loop in MBR partition table leads to DoS (bsc#988361, CVE-2016-5011)
      This update was imported from the SUSE:SLE-12-SP2:Update update project.
    last seen: 2020-06-05
    modified: 2016-12-13
    plugin id: 95752
    published: 2016-12-13
    reporter: This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/95752
    title: openSUSE Security Update : util-linux (openSUSE-2016-1446)

Redhat

advisories
bugzilla
id: 1349741
title: CVE-2016-5011 util-linux: Extended partition loop in MBR partition table leads to DOS
oval
OR
  • comment: Red Hat Enterprise Linux must be installed
    oval: oval:com.redhat.rhba:tst:20070304026
  • AND
    • comment: Red Hat Enterprise Linux 7 is installed
      oval: oval:com.redhat.rhba:tst:20150364027
    • OR
      • AND
        • comment: libblkid-devel is earlier than 0:2.23.2-33.el7
          oval: oval:com.redhat.rhsa:tst:20162605001
        • comment: libblkid-devel is signed with Red Hat redhatrelease2 key
          oval: oval:com.redhat.rhsa:tst:20111691002
      • AND
        • comment: libmount-devel is earlier than 0:2.23.2-33.el7
          oval: oval:com.redhat.rhsa:tst:20162605003
        • comment: libmount-devel is signed with Red Hat redhatrelease2 key
          oval: oval:com.redhat.rhsa:tst:20162605004
      • AND
        • comment: libuuid-devel is earlier than 0:2.23.2-33.el7
          oval: oval:com.redhat.rhsa:tst:20162605005
        • comment: libuuid-devel is signed with Red Hat redhatrelease2 key
          oval: oval:com.redhat.rhsa:tst:20111691004
      • AND
        • comment: uuidd is earlier than 0:2.23.2-33.el7
          oval: oval:com.redhat.rhsa:tst:20162605007
        • comment: uuidd is signed with Red Hat redhatrelease2 key
          oval: oval:com.redhat.rhsa:tst:20111691010
      • AND
        • comment: util-linux is earlier than 0:2.23.2-33.el7
          oval: oval:com.redhat.rhsa:tst:20162605009
        • comment: util-linux is signed with Red Hat redhatrelease2 key
          oval: oval:com.redhat.rhsa:tst:20162605010
      • AND
        • comment: libuuid is earlier than 0:2.23.2-33.el7
          oval: oval:com.redhat.rhsa:tst:20162605011
        • comment: libuuid is signed with Red Hat redhatrelease2 key
          oval: oval:com.redhat.rhsa:tst:20111691008
      • AND
        • comment: libblkid is earlier than 0:2.23.2-33.el7
          oval: oval:com.redhat.rhsa:tst:20162605013
        • comment: libblkid is signed with Red Hat redhatrelease2 key
          oval: oval:com.redhat.rhsa:tst:20111691012
      • AND
        • comment: libmount is earlier than 0:2.23.2-33.el7
          oval: oval:com.redhat.rhsa:tst:20162605015
        • comment: libmount is signed with Red Hat redhatrelease2 key
          oval: oval:com.redhat.rhsa:tst:20162605016
rhsa
id: RHSA-2016:2605
released: 2016-11-03
severity: Low
title: RHSA-2016:2605: util-linux security, bug fix, and enhancement update (Low)
rpms
  • libblkid-0:2.23.2-33.el7
  • libblkid-devel-0:2.23.2-33.el7
  • libmount-0:2.23.2-33.el7
  • libmount-devel-0:2.23.2-33.el7
  • libuuid-0:2.23.2-33.el7
  • libuuid-devel-0:2.23.2-33.el7
  • util-linux-0:2.23.2-33.el7
  • util-linux-debuginfo-0:2.23.2-33.el7
  • uuidd-0:2.23.2-33.el7