Vulnerabilities > CVE-2017-2616 - Race Condition vulnerability in multiple products
Attack vector
LOCAL Attack complexity
HIGH Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Leveraging Race Conditions This attack targets a race condition occurring when multiple processes access and manipulate the same resource concurrently and the outcome of the execution depends on the particular order in which the access takes place. The attacker can leverage a race condition by "running the race", modifying the resource and modifying the normal execution flow. For instance a race condition can occur while accessing a file, the attacker can trick the system by replacing the original file with his version and cause the system to read the malicious file.
- Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions This attack targets a race condition occurring between the time of check (state) for a resource and the time of use of a resource. The typical example is the file access. The attacker can leverage a file access race condition by "running the race", meaning that he would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the attacker could do something such as replace the file and cause an escalation of privilege.
Nessus
NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2017-0052.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : - clean up empty file if cp is failed [Orabug 15973168] - pure rebuild to bring back support for acl_extended_file_nofollow on x86_64 - su: deny killing other processes with root privileges (CVE-2017-2616) - fix the functionality of last seen 2020-06-01 modified 2020-06-02 plugin id 99079 published 2017-03-30 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/99079 title OracleVM 3.3 / 3.4 : coreutils (OVMSA-2017-0052) code # # (C) Tenable Network Security, Inc. # # The package checks in this plugin were extracted from OracleVM # Security Advisory OVMSA-2017-0052. # include("compat.inc"); if (description) { script_id(99079); script_version("3.5"); script_cvs_date("Date: 2019/09/27 13:00:35"); script_cve_id("CVE-2017-2616"); script_name(english:"OracleVM 3.3 / 3.4 : coreutils (OVMSA-2017-0052)"); script_summary(english:"Checks the RPM output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote OracleVM host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "The remote OracleVM system is missing necessary patches to address critical security updates : - clean up empty file if cp is failed [Orabug 15973168] - pure rebuild to bring back support for acl_extended_file_nofollow on x86_64 - su: deny killing other processes with root privileges (CVE-2017-2616) - fix the functionality of 'sort -h -k ...' in multi-byte locales (#1357979) - use correct path to grep(1) in colorls.sh (#1376892) - make colorls.sh compatible with ksh (#1321643) - sed should actually be /bin/sed (related #1222140) - colorls.sh,colorls.csh - call utilities with complete path (#1222140) - mkdir, mkfifo, mknod - respect default umask/acls when COREUTILS_CHILD_DEFAULT_ACLS envvar is set (to match rhel 7 behaviour, - ls: improve efficiency on filesystems without support for ACLs, xattrs or SELinux (#1248141) - su: suppress PAM info messages for -c or non-login sessions (#1267588) - tail, stat: recognize several new filesystems - up2date by Jan 1st 2016 (#1280333) - du: improve du error message of coreutils commands in a chrooted environment (patch by Boris Ranto) (#1086916) - su: fix incorrect message printing when su is killed (#1147532)" ); # https://oss.oracle.com/pipermail/oraclevm-errata/2017-March/000662.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?40167d41" ); # https://oss.oracle.com/pipermail/oraclevm-errata/2017-March/000667.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?7493a037" ); script_set_attribute( attribute:"solution", value:"Update the affected coreutils / coreutils-libs packages." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:coreutils"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:coreutils-libs"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:vm_server:3.3"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:vm_server:3.4"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/07/27"); script_set_attribute(attribute:"patch_publication_date", value:"2017/03/29"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/03/30"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"OracleVM Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/OracleVM/release", "Host/OracleVM/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/OracleVM/release"); if (isnull(release) || "OVS" >!< release) audit(AUDIT_OS_NOT, "OracleVM"); if (! preg(pattern:"^OVS" + "(3\.3|3\.4)" + "(\.[0-9]|$)", string:release)) audit(AUDIT_OS_NOT, "OracleVM 3.3 / 3.4", "OracleVM " + release); if (!get_kb_item("Host/OracleVM/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "OracleVM", cpu); if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu); flag = 0; if (rpm_check(release:"OVS3.3", reference:"coreutils-8.4-46.0.1.el6")) flag++; if (rpm_check(release:"OVS3.3", reference:"coreutils-libs-8.4-46.0.1.el6")) flag++; if (rpm_check(release:"OVS3.4", reference:"coreutils-8.4-46.0.1.el6")) flag++; if (rpm_check(release:"OVS3.4", reference:"coreutils-libs-8.4-46.0.1.el6")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "coreutils / coreutils-libs"); }NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-0866-1.NASL description This update for coreutils fixes one issue. This security issue was fixed : - CVE-2017-2616: In su with PAM support it was possible for local users to send SIGKILL to selected other processes with root privileges (bsc#1023041) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 108830 published 2018-04-04 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/108830 title SUSE SLES11 Security Update : coreutils (SUSE-SU-2018:0866-1) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2017-1084.NASL description According to the version of the util-linux packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. (CVE-2017-2616) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2017-05-03 plugin id 99950 published 2017-05-03 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/99950 title EulerOS 2.0 SP2 : util-linux (EulerOS-SA-2017-1084) NASL family Scientific Linux Local Security Checks NASL id SL_20170412_UTIL_LINUX_ON_SL7_X.NASL description Security Fix(es) : - A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. (CVE-2017-2616) Bug Fix(es) : - The last seen 2020-03-18 modified 2017-04-13 plugin id 99354 published 2017-04-13 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/99354 title Scientific Linux Security Update : util-linux on SL7.x x86_64 (20170412) NASL family SuSE Local Security Checks NASL id OPENSUSE-2017-305.NASL description This update for util-linux fixes the following issues : This security issue was fixed : - CVE-2017-2616: In su with PAM support it was possible for local users to send SIGKILL to selected other processes with root privileges (bsc#1023041). This non-security issues were fixed : - lscpu: Implement WSL detection and work around crash (bsc#1019332) - fstrim: De-duplicate btrfs sub-volumes for last seen 2020-06-05 modified 2017-03-07 plugin id 97564 published 2017-03-07 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/97564 title openSUSE Security Update : util-linux (openSUSE-2017-305) NASL family Scientific Linux Local Security Checks NASL id SL_20170321_COREUTILS_ON_SL6_X.NASL description Security Fix(es) : - A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. (CVE-2017-2616) last seen 2020-03-18 modified 2017-04-06 plugin id 99215 published 2017-04-06 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/99215 title Scientific Linux Security Update : coreutils on SL6.x i386/x86_64 (20170321) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-3276-2.NASL description USN-3276-1 intended to fix a vulnerability in su. The solution introduced a regression in su signal handling. This update modifies the security fix. We apologize for the inconvenience. Sebastian Krahmer discovered integer overflows in shadow utilities. A local attacker could possibly cause them to crash or potentially gain privileges via crafted input. (CVE-2016-6252) Tobias Stockmann discovered a race condition in su. A local attacker could cause su to send SIGKILL to other processes with root privileges. (CVE-2017-2616). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 100248 published 2017-05-17 reporter Ubuntu Security Notice (C) 2017-2019 Canonical, Inc. / NASL script (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/100248 title Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : shadow regression (USN-3276-2) NASL family SuSE Local Security Checks NASL id SUSE_SU-2017-0553-1.NASL description This update for util-linux fixes a number of bugs and two security issues. The following security bugs were fixed : - CVE-2016-5011: Infinite loop DoS in libblkid while parsing DOS partition (bsc#988361) - CVE-2017-2616: In su with PAM support it was possible for local users to send SIGKILL to selected other processes with root privileges (bsc#1023041). The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 97380 published 2017-02-24 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/97380 title SUSE SLES12 Security Update : util-linux (SUSE-SU-2017:0553-1) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2017-0907.NASL description An update for util-linux is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fix(es) : * A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. (CVE-2017-2616) Red Hat would like to thank Tobias Stockmann for reporting this issue. Bug Fix(es) : * The last seen 2020-06-01 modified 2020-06-02 plugin id 99380 published 2017-04-14 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/99380 title CentOS 7 : util-linux (CESA-2017:0907) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201706-02.NASL description The remote host is affected by the vulnerability described in GLSA-201706-02 (Shadow: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Shadow. Please review the CVE identifiers referenced below for details. Impact : A local attacker could possibly cause a Denial of Service condition, gain privileges via crafted input, or SIGKILL arbitrary processes. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 100629 published 2017-06-06 reporter This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/100629 title GLSA-201706-02 : Shadow: Multiple vulnerabilities NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2017-0907.NASL description An update for util-linux is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fix(es) : * A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. (CVE-2017-2616) Red Hat would like to thank Tobias Stockmann for reporting this issue. Bug Fix(es) : * The last seen 2020-06-01 modified 2020-06-02 plugin id 99341 published 2017-04-13 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/99341 title RHEL 7 : util-linux (RHSA-2017:0907) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2020-3_0-0086_UTIL.NASL description An update of the util package has been released. last seen 2020-05-18 modified 2020-05-13 plugin id 136574 published 2020-05-13 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136574 title Photon OS 3.0: Util PHSA-2020-3.0-0086 NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2017-0654.NASL description An update for coreutils is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The coreutils packages contain the GNU Core Utilities and represent a combination of the previously used GNU fileutils, sh-utils, and textutils packages. Security Fix(es) : * A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. (CVE-2017-2616) Red Hat would like to thank Tobias Stockmann for reporting this issue. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked from the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 97879 published 2017-03-22 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/97879 title RHEL 6 : coreutils (RHSA-2017:0654) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2017-0654.NASL description From Red Hat Security Advisory 2017:0654 : An update for coreutils is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The coreutils packages contain the GNU Core Utilities and represent a combination of the previously used GNU fileutils, sh-utils, and textutils packages. Security Fix(es) : * A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. (CVE-2017-2616) Red Hat would like to thank Tobias Stockmann for reporting this issue. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked from the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 99068 published 2017-03-30 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/99068 title Oracle Linux 6 : coreutils (ELSA-2017-0654) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2020-2_0-0235_UTIL.NASL description An update of the util package has been released. last seen 2020-05-08 modified 2020-05-05 plugin id 136337 published 2020-05-05 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136337 title Photon OS 2.0: Util PHSA-2020-2.0-0235 NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2017-823.NASL description Sending SIGKILL to other processes with root privileges via su : A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.(CVE-2017-2616) last seen 2020-06-01 modified 2020-06-02 plugin id 99711 published 2017-04-28 reporter This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/99711 title Amazon Linux AMI : util-linux (ALAS-2017-823) NASL family Virtuozzo Local Security Checks NASL id VIRTUOZZO_VZLSA-2017-0907.NASL description An update for util-linux is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fix(es) : * A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. (CVE-2017-2616) Red Hat would like to thank Tobias StAPckmann for reporting this issue. Bug Fix(es) : * The last seen 2020-06-01 modified 2020-06-02 plugin id 101446 published 2017-07-13 reporter This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/101446 title Virtuozzo 7 : libblkid / libblkid-devel / libmount / etc (VZLSA-2017-0907) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-838.NASL description Tobias Stoeckmann discovered that su does not properly handle clearing a child PID. A local attacker can take advantage of this flaw to send SIGKILL to other processes with root privileges, resulting in denial of service. For Debian 7 last seen 2020-03-17 modified 2017-02-27 plugin id 97396 published 2017-02-27 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/97396 title Debian DLA-838-1 : shadow security update NASL family SuSE Local Security Checks NASL id OPENSUSE-2017-306.NASL description This update for util-linux fixes the following issues : This security issue was fixed : - CVE-2017-2616: In su with PAM support it was possible for local users to send SIGKILL to selected other processes with root privileges (bsc#1023041). This non-security issues were fixed : - lscpu: Implement WSL detection and work around crash (bsc#1019332) - fstrim: De-duplicate btrfs sub-volumes for last seen 2020-06-05 modified 2017-03-07 plugin id 97565 published 2017-03-07 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/97565 title openSUSE Security Update : util-linux (openSUSE-2017-306) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2017-0654.NASL description An update for coreutils is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The coreutils packages contain the GNU Core Utilities and represent a combination of the previously used GNU fileutils, sh-utils, and textutils packages. Security Fix(es) : * A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. (CVE-2017-2616) Red Hat would like to thank Tobias Stockmann for reporting this issue. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked from the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 97956 published 2017-03-27 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/97956 title CentOS 6 : coreutils (CESA-2017:0654) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2019-1_0-0212_UTIL.NASL description An update of the util package has been released. last seen 2020-06-01 modified 2020-06-02 plugin id 122926 published 2019-03-18 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/122926 title Photon OS 1.0: Util PHSA-2019-1.0-0212 NASL family Fedora Local Security Checks NASL id FEDORA_2017-B11B460865.NASL description Security fix for CVE-2017-2616 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2017-03-02 plugin id 97483 published 2017-03-02 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/97483 title Fedora 24 : util-linux (2017-b11b460865) NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0107_COREUTILS.NASL description The remote NewStart CGSL host, running version MAIN 4.05, has coreutils packages installed that are affected by a vulnerability: - A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. (CVE-2017-2616) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 127340 published 2019-08-12 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127340 title NewStart CGSL MAIN 4.05 : coreutils Vulnerability (NS-SA-2019-0107) NASL family SuSE Local Security Checks NASL id SUSE_SU-2017-0555-1.NASL description This update for util-linux fixes the following issues: This security issue was fixed : - CVE-2017-2616: In su with PAM support it was possible for local users to send SIGKILL to selected other processes with root privileges (bsc#1023041). The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 97382 published 2017-02-24 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/97382 title SUSE SLED12 / SLES12 Security Update : util-linux (SUSE-SU-2017:0555-1) NASL family Fedora Local Security Checks NASL id FEDORA_2017-20710607F5.NASL description Security fix for CVE-2017-2616 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2017-03-01 plugin id 97450 published 2017-03-01 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/97450 title Fedora 25 : util-linux (2017-20710607f5) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1462.NASL description According to the version of the util-linux packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.(CVE-2017-2616) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 124965 published 2019-05-14 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124965 title EulerOS Virtualization 3.0.1.0 : util-linux (EulerOS-SA-2019-1462) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2017-1083.NASL description According to the version of the util-linux packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. (CVE-2017-2616) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2017-05-03 plugin id 99949 published 2017-05-03 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/99949 title EulerOS 2.0 SP1 : util-linux (EulerOS-SA-2017-1083) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-3793.NASL description Several vulnerabilities were discovered in the shadow suite. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2016-6252 An integer overflow vulnerability was discovered, potentially allowing a local user to escalate privileges via crafted input to the newuidmap utility. - CVE-2017-2616 Tobias Stoeckmann discovered that su does not properly handle clearing a child PID. A local attacker can take advantage of this flaw to send SIGKILL to other processes with root privileges, resulting in denial of service. last seen 2020-06-01 modified 2020-06-02 plugin id 97397 published 2017-02-27 reporter This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/97397 title Debian DSA-3793-1 : shadow - security update NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2017-0907.NASL description From Red Hat Security Advisory 2017:0907 : An update for util-linux is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fix(es) : * A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. (CVE-2017-2616) Red Hat would like to thank Tobias Stockmann for reporting this issue. Bug Fix(es) : * The last seen 2020-06-01 modified 2020-06-02 plugin id 99330 published 2017-04-13 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/99330 title Oracle Linux 7 : util-linux (ELSA-2017-0907) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-3276-1.NASL description Sebastian Krahmer discovered integer overflows in shadow utilities. A local attacker could possibly cause them to crash or potentially gain privileges via crafted input. (CVE-2016-6252) Tobias Stockmann discovered a race condition in su. A local attacker could cause su to send SIGKILL to other processes with root privileges. (CVE-2017-2616). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 99993 published 2017-05-05 reporter Ubuntu Security Notice (C) 2017-2019 Canonical, Inc. / NASL script (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/99993 title Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : shadow vulnerabilities (USN-3276-1) NASL family SuSE Local Security Checks NASL id SUSE_SU-2017-0554-1.NASL description This update for util-linux fixes the following issues: This security issue was fixed : - CVE-2017-2616: In su with PAM support it was possible for local users to send SIGKILL to selected other processes with root privileges (bsc#1023041). The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 97381 published 2017-02-24 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/97381 title SUSE SLED12 / SLES12 Security Update : util-linux (SUSE-SU-2017:0554-1)
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
References
- https://github.com/karelzak/util-linux/commit/dffab154d29a288aa171ff50263ecc8f2e14a891
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2616
- https://www.debian.org/security/2017/dsa-3793
- https://security.gentoo.org/glsa/201706-02
- https://access.redhat.com/errata/RHSA-2017:0907
- http://www.securitytracker.com/id/1038271
- http://www.securityfocus.com/bid/96404
- http://rhn.redhat.com/errata/RHSA-2017-0654.html