CVE-2025-14104

Опубликовано: 05 дек. 2025

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the setpwnam() function, affecting SUID (Set User ID) login-utils utilities writing to the password database.

Ссылки

EPSS

Процентиль: 0%

0.00006

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-125

Связанные уязвимости

CVE-2025-14104

CVSS3: 6.1

ubuntu

4 месяца назад

A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.

CVE-2025-14104

CVSS3: 6.1

redhat

4 месяца назад

CVE-2025-14104

CVSS3: 6.1

msrc

3 месяца назад

Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames

CVE-2025-14104

CVSS3: 6.1

debian

4 месяца назад

A flaw was found in util-linux. This vulnerability allows a heap buffe ...

SUSE-SU-2026:0366-1

suse-cvrf

2 месяца назад

Security update for util-linux

EPSS

Процентиль: 0%

0.00006

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-125