An update for util-linux is now available for openEuler-20.03-LTS-SP4,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP2 and openEuler-22.03-LTS-SP3 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2024-1352 Final 1.0 1.0 2024-04-03 Initial 2024-04-03 2024-04-03 openEuler SA Tool V1.0 2024-04-03 util-linux security update An update for util-linux is now available for openEuler-20.03-LTS-SP4,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP2 and openEuler-22.03-LTS-SP3. The util-linux package contains a random collection of files that implements some low-level basic linux utilities. Security Fix(es): wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.(CVE-2024-28085) An update for util-linux is now available for openEuler-20.03-LTS-SP4,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP2 and openEuler-22.03-LTS-SP3. openEuler Security has rated this update as having a security impact of low. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Low util-linux https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2024-1352 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2024-28085 https://nvd.nist.gov/vuln/detail/CVE-2024-28085 openEuler-20.03-LTS-SP4 openEuler-22.03-LTS openEuler-22.03-LTS-SP1 openEuler-22.03-LTS-SP2 openEuler-22.03-LTS-SP3 util-linux-user-2.35.2-16.oe2003sp4.aarch64.rpm libfdisk-2.35.2-16.oe2003sp4.aarch64.rpm libsmartcols-2.35.2-16.oe2003sp4.aarch64.rpm util-linux-2.35.2-16.oe2003sp4.aarch64.rpm python-libmount-2.35.2-16.oe2003sp4.aarch64.rpm util-linux-devel-2.35.2-16.oe2003sp4.aarch64.rpm uuidd-2.35.2-16.oe2003sp4.aarch64.rpm libmount-2.35.2-16.oe2003sp4.aarch64.rpm libuuid-2.35.2-16.oe2003sp4.aarch64.rpm libblkid-2.35.2-16.oe2003sp4.aarch64.rpm util-linux-debuginfo-2.35.2-16.oe2003sp4.aarch64.rpm util-linux-debugsource-2.35.2-16.oe2003sp4.aarch64.rpm libsmartcols-2.37.2-28.oe2203.aarch64.rpm util-linux-debugsource-2.37.2-28.oe2203.aarch64.rpm util-linux-2.37.2-28.oe2203.aarch64.rpm util-linux-devel-2.37.2-28.oe2203.aarch64.rpm libmount-2.37.2-28.oe2203.aarch64.rpm util-linux-debuginfo-2.37.2-28.oe2203.aarch64.rpm libuuid-2.37.2-28.oe2203.aarch64.rpm util-linux-user-2.37.2-28.oe2203.aarch64.rpm libfdisk-2.37.2-28.oe2203.aarch64.rpm uuidd-2.37.2-28.oe2203.aarch64.rpm python3-libmount-2.37.2-28.oe2203.aarch64.rpm libblkid-2.37.2-28.oe2203.aarch64.rpm util-linux-debugsource-2.37.2-28.oe2203sp1.aarch64.rpm libsmartcols-2.37.2-28.oe2203sp1.aarch64.rpm libmount-2.37.2-28.oe2203sp1.aarch64.rpm libuuid-2.37.2-28.oe2203sp1.aarch64.rpm python3-libmount-2.37.2-28.oe2203sp1.aarch64.rpm libfdisk-2.37.2-28.oe2203sp1.aarch64.rpm uuidd-2.37.2-28.oe2203sp1.aarch64.rpm util-linux-devel-2.37.2-28.oe2203sp1.aarch64.rpm util-linux-debuginfo-2.37.2-28.oe2203sp1.aarch64.rpm util-linux-user-2.37.2-28.oe2203sp1.aarch64.rpm util-linux-2.37.2-28.oe2203sp1.aarch64.rpm libblkid-2.37.2-28.oe2203sp1.aarch64.rpm libblkid-2.37.2-28.oe2203sp2.aarch64.rpm util-linux-debuginfo-2.37.2-28.oe2203sp2.aarch64.rpm util-linux-2.37.2-28.oe2203sp2.aarch64.rpm libsmartcols-2.37.2-28.oe2203sp2.aarch64.rpm libfdisk-2.37.2-28.oe2203sp2.aarch64.rpm util-linux-devel-2.37.2-28.oe2203sp2.aarch64.rpm util-linux-debugsource-2.37.2-28.oe2203sp2.aarch64.rpm uuidd-2.37.2-28.oe2203sp2.aarch64.rpm libmount-2.37.2-28.oe2203sp2.aarch64.rpm python3-libmount-2.37.2-28.oe2203sp2.aarch64.rpm libuuid-2.37.2-28.oe2203sp2.aarch64.rpm util-linux-user-2.37.2-28.oe2203sp2.aarch64.rpm util-linux-debuginfo-2.37.2-28.oe2203sp3.aarch64.rpm libblkid-2.37.2-28.oe2203sp3.aarch64.rpm libuuid-2.37.2-28.oe2203sp3.aarch64.rpm util-linux-user-2.37.2-28.oe2203sp3.aarch64.rpm libmount-2.37.2-28.oe2203sp3.aarch64.rpm util-linux-debugsource-2.37.2-28.oe2203sp3.aarch64.rpm libfdisk-2.37.2-28.oe2203sp3.aarch64.rpm python3-libmount-2.37.2-28.oe2203sp3.aarch64.rpm util-linux-devel-2.37.2-28.oe2203sp3.aarch64.rpm libsmartcols-2.37.2-28.oe2203sp3.aarch64.rpm uuidd-2.37.2-28.oe2203sp3.aarch64.rpm util-linux-2.37.2-28.oe2203sp3.aarch64.rpm util-linux-help-2.35.2-16.oe2003sp4.noarch.rpm util-linux-help-2.37.2-28.oe2203.noarch.rpm util-linux-help-2.37.2-28.oe2203sp1.noarch.rpm util-linux-help-2.37.2-28.oe2203sp2.noarch.rpm util-linux-help-2.37.2-28.oe2203sp3.noarch.rpm util-linux-2.35.2-16.oe2003sp4.src.rpm util-linux-2.37.2-28.oe2203.src.rpm util-linux-2.37.2-28.oe2203sp1.src.rpm util-linux-2.37.2-28.oe2203sp2.src.rpm util-linux-2.37.2-28.oe2203sp3.src.rpm libsmartcols-2.35.2-16.oe2003sp4.x86_64.rpm libmount-2.35.2-16.oe2003sp4.x86_64.rpm util-linux-user-2.35.2-16.oe2003sp4.x86_64.rpm libblkid-2.35.2-16.oe2003sp4.x86_64.rpm python-libmount-2.35.2-16.oe2003sp4.x86_64.rpm util-linux-2.35.2-16.oe2003sp4.x86_64.rpm util-linux-devel-2.35.2-16.oe2003sp4.x86_64.rpm util-linux-debugsource-2.35.2-16.oe2003sp4.x86_64.rpm util-linux-debuginfo-2.35.2-16.oe2003sp4.x86_64.rpm uuidd-2.35.2-16.oe2003sp4.x86_64.rpm libuuid-2.35.2-16.oe2003sp4.x86_64.rpm libfdisk-2.35.2-16.oe2003sp4.x86_64.rpm libsmartcols-2.37.2-28.oe2203.x86_64.rpm uuidd-2.37.2-28.oe2203.x86_64.rpm util-linux-debuginfo-2.37.2-28.oe2203.x86_64.rpm python3-libmount-2.37.2-28.oe2203.x86_64.rpm util-linux-2.37.2-28.oe2203.x86_64.rpm util-linux-devel-2.37.2-28.oe2203.x86_64.rpm libmount-2.37.2-28.oe2203.x86_64.rpm libuuid-2.37.2-28.oe2203.x86_64.rpm util-linux-user-2.37.2-28.oe2203.x86_64.rpm util-linux-debugsource-2.37.2-28.oe2203.x86_64.rpm libblkid-2.37.2-28.oe2203.x86_64.rpm libfdisk-2.37.2-28.oe2203.x86_64.rpm python3-libmount-2.37.2-28.oe2203sp1.x86_64.rpm libmount-2.37.2-28.oe2203sp1.x86_64.rpm libblkid-2.37.2-28.oe2203sp1.x86_64.rpm util-linux-user-2.37.2-28.oe2203sp1.x86_64.rpm util-linux-debuginfo-2.37.2-28.oe2203sp1.x86_64.rpm libuuid-2.37.2-28.oe2203sp1.x86_64.rpm util-linux-debugsource-2.37.2-28.oe2203sp1.x86_64.rpm libfdisk-2.37.2-28.oe2203sp1.x86_64.rpm util-linux-devel-2.37.2-28.oe2203sp1.x86_64.rpm libsmartcols-2.37.2-28.oe2203sp1.x86_64.rpm util-linux-2.37.2-28.oe2203sp1.x86_64.rpm uuidd-2.37.2-28.oe2203sp1.x86_64.rpm python3-libmount-2.37.2-28.oe2203sp2.x86_64.rpm libuuid-2.37.2-28.oe2203sp2.x86_64.rpm libmount-2.37.2-28.oe2203sp2.x86_64.rpm util-linux-user-2.37.2-28.oe2203sp2.x86_64.rpm util-linux-debuginfo-2.37.2-28.oe2203sp2.x86_64.rpm libfdisk-2.37.2-28.oe2203sp2.x86_64.rpm uuidd-2.37.2-28.oe2203sp2.x86_64.rpm util-linux-devel-2.37.2-28.oe2203sp2.x86_64.rpm libblkid-2.37.2-28.oe2203sp2.x86_64.rpm util-linux-2.37.2-28.oe2203sp2.x86_64.rpm util-linux-debugsource-2.37.2-28.oe2203sp2.x86_64.rpm libsmartcols-2.37.2-28.oe2203sp2.x86_64.rpm util-linux-debugsource-2.37.2-28.oe2203sp3.x86_64.rpm util-linux-debuginfo-2.37.2-28.oe2203sp3.x86_64.rpm util-linux-devel-2.37.2-28.oe2203sp3.x86_64.rpm libblkid-2.37.2-28.oe2203sp3.x86_64.rpm libsmartcols-2.37.2-28.oe2203sp3.x86_64.rpm uuidd-2.37.2-28.oe2203sp3.x86_64.rpm util-linux-user-2.37.2-28.oe2203sp3.x86_64.rpm libuuid-2.37.2-28.oe2203sp3.x86_64.rpm libmount-2.37.2-28.oe2203sp3.x86_64.rpm python3-libmount-2.37.2-28.oe2203sp3.x86_64.rpm libfdisk-2.37.2-28.oe2203sp3.x86_64.rpm util-linux-2.37.2-28.oe2203sp3.x86_64.rpm wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover. 2024-04-03 CVE-2024-28085 openEuler-20.03-LTS-SP4 openEuler-22.03-LTS openEuler-22.03-LTS-SP1 openEuler-22.03-LTS-SP2 openEuler-22.03-LTS-SP3 Low 0.0 util-linux security update 2024-04-03 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2024-1352