An update for util-linux is now available for openEuler-20.03-LTS-SP1 and openEuler-20.03-LTS-SP2 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2021-1308 Final 1.0 1.0 2021-08-14 Initial 2021-08-14 2021-08-14 openEuler SA Tool V1.0 2021-08-14 util-linux security update An update for util-linux is now available for openEuler-20.03-LTS-SP1 and openEuler-20.03-LTS-SP2. The util-linux package contains a random collection of files that implements some low-level basic linux utilities. Security Fix(es): An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file.(CVE-2021-37600) An update for util-linux is now available for openEuler-20.03-LTS-SP1 and openEuler-20.03-LTS-SP2. openEuler Security has rated this update as having a security impact of critical. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Critical util-linux https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1308 https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-37600 https://nvd.nist.gov/vuln/detail/CVE-2021-37600 openEuler-20.03-LTS-SP1 openEuler-20.03-LTS-SP2 util-linux-debugsource-2.35.2-8.oe1.aarch64.rpm libmount-2.35.2-8.oe1.aarch64.rpm util-linux-user-2.35.2-8.oe1.aarch64.rpm libuuid-2.35.2-8.oe1.aarch64.rpm util-linux-debuginfo-2.35.2-8.oe1.aarch64.rpm libsmartcols-2.35.2-8.oe1.aarch64.rpm python-libmount-2.35.2-8.oe1.aarch64.rpm libfdisk-2.35.2-8.oe1.aarch64.rpm util-linux-2.35.2-8.oe1.aarch64.rpm util-linux-devel-2.35.2-8.oe1.aarch64.rpm libblkid-2.35.2-8.oe1.aarch64.rpm uuidd-2.35.2-8.oe1.aarch64.rpm util-linux-debugsource-2.35.2-8.oe1.aarch64.rpm libmount-2.35.2-8.oe1.aarch64.rpm util-linux-user-2.35.2-8.oe1.aarch64.rpm libuuid-2.35.2-8.oe1.aarch64.rpm util-linux-debuginfo-2.35.2-8.oe1.aarch64.rpm libsmartcols-2.35.2-8.oe1.aarch64.rpm python-libmount-2.35.2-8.oe1.aarch64.rpm libfdisk-2.35.2-8.oe1.aarch64.rpm util-linux-2.35.2-8.oe1.aarch64.rpm util-linux-devel-2.35.2-8.oe1.aarch64.rpm libblkid-2.35.2-8.oe1.aarch64.rpm uuidd-2.35.2-8.oe1.aarch64.rpm util-linux-help-2.35.2-8.oe1.noarch.rpm util-linux-help-2.35.2-8.oe1.noarch.rpm util-linux-2.35.2-8.oe1.src.rpm util-linux-2.35.2-8.oe1.src.rpm libblkid-2.35.2-8.oe1.x86_64.rpm libsmartcols-2.35.2-8.oe1.x86_64.rpm util-linux-2.35.2-8.oe1.x86_64.rpm python-libmount-2.35.2-8.oe1.x86_64.rpm uuidd-2.35.2-8.oe1.x86_64.rpm util-linux-devel-2.35.2-8.oe1.x86_64.rpm libfdisk-2.35.2-8.oe1.x86_64.rpm libuuid-2.35.2-8.oe1.x86_64.rpm util-linux-debugsource-2.35.2-8.oe1.x86_64.rpm libmount-2.35.2-8.oe1.x86_64.rpm util-linux-debuginfo-2.35.2-8.oe1.x86_64.rpm util-linux-user-2.35.2-8.oe1.x86_64.rpm libblkid-2.35.2-8.oe1.x86_64.rpm libsmartcols-2.35.2-8.oe1.x86_64.rpm util-linux-2.35.2-8.oe1.x86_64.rpm python-libmount-2.35.2-8.oe1.x86_64.rpm uuidd-2.35.2-8.oe1.x86_64.rpm util-linux-devel-2.35.2-8.oe1.x86_64.rpm libfdisk-2.35.2-8.oe1.x86_64.rpm libuuid-2.35.2-8.oe1.x86_64.rpm util-linux-debugsource-2.35.2-8.oe1.x86_64.rpm libmount-2.35.2-8.oe1.x86_64.rpm util-linux-debuginfo-2.35.2-8.oe1.x86_64.rpm util-linux-user-2.35.2-8.oe1.x86_64.rpm An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. 2021-08-14 CVE-2021-37600 openEuler-20.03-LTS-SP1 openEuler-20.03-LTS-SP2 Critical 9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H util-linux security update 2021-08-14 https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1308