Описание
A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the setpwnam() function, affecting SUID (Set User ID) login-utils utilities writing to the password database.
A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the setpwnam() function, affecting SUID (Set User ID) login-utils utilities writing to the password database.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-14104
- https://access.redhat.com/errata/RHSA-2026:1696
- https://access.redhat.com/errata/RHSA-2026:1852
- https://access.redhat.com/errata/RHSA-2026:1913
- https://access.redhat.com/errata/RHSA-2026:2485
- https://access.redhat.com/errata/RHSA-2026:2563
- https://access.redhat.com/errata/RHSA-2026:2737
- https://access.redhat.com/errata/RHSA-2026:2800
- https://access.redhat.com/errata/RHSA-2026:3406
- https://access.redhat.com/errata/RHSA-2026:4943
- https://access.redhat.com/security/cve/CVE-2025-14104
- https://bugzilla.redhat.com/show_bug.cgi?id=2419369
Связанные уязвимости
A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.
A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.
A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.
Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames
A flaw was found in util-linux. This vulnerability allows a heap buffe ...