Vulnerabilities > Kernel
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-31 | CVE-2014-9114 | Command Injection vulnerability in multiple products Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code. | 7.8 |
| 2017-02-07 | CVE-2016-2779 | Permissions, Privileges, and Access Controls vulnerability in Kernel Util-Linux 2.24.21 runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer. | 7.2 |
| 2015-11-09 | CVE-2015-5218 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in text-utils/colcrt.c in colcrt in util-linux before 2.27 allows local users to cause a denial of service (crash) via a crafted file, related to the page global variable. | 2.1 |
| 2014-01-21 | CVE-2013-0157 | Information Exposure vulnerability in Kernel Util-Linux 2.14.1/2.17.2 (a) mount and (b) umount in util-linux 2.14.1, 2.17.2, and probably other versions allow local users to determine the existence of restricted directories by (1) using the --guess-fstype command-line option or (2) attempting to mount a non-existent device, which generates different error messages depending on whether the directory exists. | 2.1 |
| 2009-09-22 | CVE-2009-3288 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products The sg_build_indirect function in drivers/scsi/sg.c in Linux kernel 2.6.28-rc1 through 2.6.31-rc8 uses an incorrect variable when accessing an array, which allows local users to cause a denial of service (kernel OOPS and NULL pointer dereference), as demonstrated by using xcdroast to duplicate a CD. | 4.9 |
| 2001-12-31 | CVE-2001-1494 | Link Following vulnerability in multiple products script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command. | 5.5 |