Vulnerabilities > Kernel > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-08-22 CVE-2020-21583 Unspecified vulnerability in Kernel Util-Linux
An issue was discovered in hwclock.13-v2.27 allows attackers to gain escalated privlidges or execute arbitrary commands via the path parameter when setting the date.
local
low complexity
kernel
6.7
6.7
2022-08-23 CVE-2021-3995 A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem.
local
low complexity
kernel fedoraproject
5.5
5.5
2022-08-23 CVE-2021-3996 A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem.
local
low complexity
kernel fedoraproject
5.5
5.5
2022-02-21 CVE-2022-0563 Information Exposure Through an Error Message vulnerability in multiple products
A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support.
local
low complexity
kernel netapp CWE-209
5.5
5.5
2021-07-30 CVE-2021-37600 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file.
local
low complexity
kernel netapp CWE-190
5.5
5.5
2020-05-26 CVE-2020-10751 A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message.
local
low complexity
kernel redhat
6.1
6.1
2017-04-11 CVE-2016-5011 The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.
low complexity
kernel redhat ibm
4.6
4.6
2001-12-31 CVE-2001-1494 Link Following vulnerability in multiple products
script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.
local
low complexity
kernel avaya CWE-59
5.5
5.5