An update for util-linux is now available for openEuler-20.03-LTS-SP4,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP2 and openEuler-22.03-LTS-SP3
Security Advisory
openeuler-security@openeuler.org
openEuler security committee
openEuler-SA-2024-1352
Final
1.0
1.0
2024-04-03
Initial
2024-04-03
2024-04-03
openEuler SA Tool V1.0
2024-04-03
util-linux security update
An update for util-linux is now available for openEuler-20.03-LTS-SP4,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP2 and openEuler-22.03-LTS-SP3.
The util-linux package contains a random collection of files that implements some low-level basic linux utilities.
Security Fix(es):
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.(CVE-2024-28085)
An update for util-linux is now available for openEuler-20.03-LTS-SP4,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP2 and openEuler-22.03-LTS-SP3.
openEuler Security has rated this update as having a security impact of low. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
Low
util-linux
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2024-1352
https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2024-28085
https://nvd.nist.gov/vuln/detail/CVE-2024-28085
openEuler-20.03-LTS-SP4
openEuler-22.03-LTS
openEuler-22.03-LTS-SP1
openEuler-22.03-LTS-SP2
openEuler-22.03-LTS-SP3
util-linux-user-2.35.2-16.oe2003sp4.aarch64.rpm
libfdisk-2.35.2-16.oe2003sp4.aarch64.rpm
libsmartcols-2.35.2-16.oe2003sp4.aarch64.rpm
util-linux-2.35.2-16.oe2003sp4.aarch64.rpm
python-libmount-2.35.2-16.oe2003sp4.aarch64.rpm
util-linux-devel-2.35.2-16.oe2003sp4.aarch64.rpm
uuidd-2.35.2-16.oe2003sp4.aarch64.rpm
libmount-2.35.2-16.oe2003sp4.aarch64.rpm
libuuid-2.35.2-16.oe2003sp4.aarch64.rpm
libblkid-2.35.2-16.oe2003sp4.aarch64.rpm
util-linux-debuginfo-2.35.2-16.oe2003sp4.aarch64.rpm
util-linux-debugsource-2.35.2-16.oe2003sp4.aarch64.rpm
libsmartcols-2.37.2-28.oe2203.aarch64.rpm
util-linux-debugsource-2.37.2-28.oe2203.aarch64.rpm
util-linux-2.37.2-28.oe2203.aarch64.rpm
util-linux-devel-2.37.2-28.oe2203.aarch64.rpm
libmount-2.37.2-28.oe2203.aarch64.rpm
util-linux-debuginfo-2.37.2-28.oe2203.aarch64.rpm
libuuid-2.37.2-28.oe2203.aarch64.rpm
util-linux-user-2.37.2-28.oe2203.aarch64.rpm
libfdisk-2.37.2-28.oe2203.aarch64.rpm
uuidd-2.37.2-28.oe2203.aarch64.rpm
python3-libmount-2.37.2-28.oe2203.aarch64.rpm
libblkid-2.37.2-28.oe2203.aarch64.rpm
util-linux-debugsource-2.37.2-28.oe2203sp1.aarch64.rpm
libsmartcols-2.37.2-28.oe2203sp1.aarch64.rpm
libmount-2.37.2-28.oe2203sp1.aarch64.rpm
libuuid-2.37.2-28.oe2203sp1.aarch64.rpm
python3-libmount-2.37.2-28.oe2203sp1.aarch64.rpm
libfdisk-2.37.2-28.oe2203sp1.aarch64.rpm
uuidd-2.37.2-28.oe2203sp1.aarch64.rpm
util-linux-devel-2.37.2-28.oe2203sp1.aarch64.rpm
util-linux-debuginfo-2.37.2-28.oe2203sp1.aarch64.rpm
util-linux-user-2.37.2-28.oe2203sp1.aarch64.rpm
util-linux-2.37.2-28.oe2203sp1.aarch64.rpm
libblkid-2.37.2-28.oe2203sp1.aarch64.rpm
libblkid-2.37.2-28.oe2203sp2.aarch64.rpm
util-linux-debuginfo-2.37.2-28.oe2203sp2.aarch64.rpm
util-linux-2.37.2-28.oe2203sp2.aarch64.rpm
libsmartcols-2.37.2-28.oe2203sp2.aarch64.rpm
libfdisk-2.37.2-28.oe2203sp2.aarch64.rpm
util-linux-devel-2.37.2-28.oe2203sp2.aarch64.rpm
util-linux-debugsource-2.37.2-28.oe2203sp2.aarch64.rpm
uuidd-2.37.2-28.oe2203sp2.aarch64.rpm
libmount-2.37.2-28.oe2203sp2.aarch64.rpm
python3-libmount-2.37.2-28.oe2203sp2.aarch64.rpm
libuuid-2.37.2-28.oe2203sp2.aarch64.rpm
util-linux-user-2.37.2-28.oe2203sp2.aarch64.rpm
util-linux-debuginfo-2.37.2-28.oe2203sp3.aarch64.rpm
libblkid-2.37.2-28.oe2203sp3.aarch64.rpm
libuuid-2.37.2-28.oe2203sp3.aarch64.rpm
util-linux-user-2.37.2-28.oe2203sp3.aarch64.rpm
libmount-2.37.2-28.oe2203sp3.aarch64.rpm
util-linux-debugsource-2.37.2-28.oe2203sp3.aarch64.rpm
libfdisk-2.37.2-28.oe2203sp3.aarch64.rpm
python3-libmount-2.37.2-28.oe2203sp3.aarch64.rpm
util-linux-devel-2.37.2-28.oe2203sp3.aarch64.rpm
libsmartcols-2.37.2-28.oe2203sp3.aarch64.rpm
uuidd-2.37.2-28.oe2203sp3.aarch64.rpm
util-linux-2.37.2-28.oe2203sp3.aarch64.rpm
util-linux-help-2.35.2-16.oe2003sp4.noarch.rpm
util-linux-help-2.37.2-28.oe2203.noarch.rpm
util-linux-help-2.37.2-28.oe2203sp1.noarch.rpm
util-linux-help-2.37.2-28.oe2203sp2.noarch.rpm
util-linux-help-2.37.2-28.oe2203sp3.noarch.rpm
util-linux-2.35.2-16.oe2003sp4.src.rpm
util-linux-2.37.2-28.oe2203.src.rpm
util-linux-2.37.2-28.oe2203sp1.src.rpm
util-linux-2.37.2-28.oe2203sp2.src.rpm
util-linux-2.37.2-28.oe2203sp3.src.rpm
libsmartcols-2.35.2-16.oe2003sp4.x86_64.rpm
libmount-2.35.2-16.oe2003sp4.x86_64.rpm
util-linux-user-2.35.2-16.oe2003sp4.x86_64.rpm
libblkid-2.35.2-16.oe2003sp4.x86_64.rpm
python-libmount-2.35.2-16.oe2003sp4.x86_64.rpm
util-linux-2.35.2-16.oe2003sp4.x86_64.rpm
util-linux-devel-2.35.2-16.oe2003sp4.x86_64.rpm
util-linux-debugsource-2.35.2-16.oe2003sp4.x86_64.rpm
util-linux-debuginfo-2.35.2-16.oe2003sp4.x86_64.rpm
uuidd-2.35.2-16.oe2003sp4.x86_64.rpm
libuuid-2.35.2-16.oe2003sp4.x86_64.rpm
libfdisk-2.35.2-16.oe2003sp4.x86_64.rpm
libsmartcols-2.37.2-28.oe2203.x86_64.rpm
uuidd-2.37.2-28.oe2203.x86_64.rpm
util-linux-debuginfo-2.37.2-28.oe2203.x86_64.rpm
python3-libmount-2.37.2-28.oe2203.x86_64.rpm
util-linux-2.37.2-28.oe2203.x86_64.rpm
util-linux-devel-2.37.2-28.oe2203.x86_64.rpm
libmount-2.37.2-28.oe2203.x86_64.rpm
libuuid-2.37.2-28.oe2203.x86_64.rpm
util-linux-user-2.37.2-28.oe2203.x86_64.rpm
util-linux-debugsource-2.37.2-28.oe2203.x86_64.rpm
libblkid-2.37.2-28.oe2203.x86_64.rpm
libfdisk-2.37.2-28.oe2203.x86_64.rpm
python3-libmount-2.37.2-28.oe2203sp1.x86_64.rpm
libmount-2.37.2-28.oe2203sp1.x86_64.rpm
libblkid-2.37.2-28.oe2203sp1.x86_64.rpm
util-linux-user-2.37.2-28.oe2203sp1.x86_64.rpm
util-linux-debuginfo-2.37.2-28.oe2203sp1.x86_64.rpm
libuuid-2.37.2-28.oe2203sp1.x86_64.rpm
util-linux-debugsource-2.37.2-28.oe2203sp1.x86_64.rpm
libfdisk-2.37.2-28.oe2203sp1.x86_64.rpm
util-linux-devel-2.37.2-28.oe2203sp1.x86_64.rpm
libsmartcols-2.37.2-28.oe2203sp1.x86_64.rpm
util-linux-2.37.2-28.oe2203sp1.x86_64.rpm
uuidd-2.37.2-28.oe2203sp1.x86_64.rpm
python3-libmount-2.37.2-28.oe2203sp2.x86_64.rpm
libuuid-2.37.2-28.oe2203sp2.x86_64.rpm
libmount-2.37.2-28.oe2203sp2.x86_64.rpm
util-linux-user-2.37.2-28.oe2203sp2.x86_64.rpm
util-linux-debuginfo-2.37.2-28.oe2203sp2.x86_64.rpm
libfdisk-2.37.2-28.oe2203sp2.x86_64.rpm
uuidd-2.37.2-28.oe2203sp2.x86_64.rpm
util-linux-devel-2.37.2-28.oe2203sp2.x86_64.rpm
libblkid-2.37.2-28.oe2203sp2.x86_64.rpm
util-linux-2.37.2-28.oe2203sp2.x86_64.rpm
util-linux-debugsource-2.37.2-28.oe2203sp2.x86_64.rpm
libsmartcols-2.37.2-28.oe2203sp2.x86_64.rpm
util-linux-debugsource-2.37.2-28.oe2203sp3.x86_64.rpm
util-linux-debuginfo-2.37.2-28.oe2203sp3.x86_64.rpm
util-linux-devel-2.37.2-28.oe2203sp3.x86_64.rpm
libblkid-2.37.2-28.oe2203sp3.x86_64.rpm
libsmartcols-2.37.2-28.oe2203sp3.x86_64.rpm
uuidd-2.37.2-28.oe2203sp3.x86_64.rpm
util-linux-user-2.37.2-28.oe2203sp3.x86_64.rpm
libuuid-2.37.2-28.oe2203sp3.x86_64.rpm
libmount-2.37.2-28.oe2203sp3.x86_64.rpm
python3-libmount-2.37.2-28.oe2203sp3.x86_64.rpm
libfdisk-2.37.2-28.oe2203sp3.x86_64.rpm
util-linux-2.37.2-28.oe2203sp3.x86_64.rpm
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.
2024-04-03
CVE-2024-28085
openEuler-20.03-LTS-SP4
openEuler-22.03-LTS
openEuler-22.03-LTS-SP1
openEuler-22.03-LTS-SP2
openEuler-22.03-LTS-SP3
Low
0.0
util-linux security update
2024-04-03
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2024-1352