CVE-2025-14104

Опубликовано: 05 дек. 2025

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the setpwnam() function, affecting SUID (Set User ID) login-utils utilities writing to the password database.

Ссылки

EPSS

Процентиль: 3%

0.00015

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-125

Связанные уязвимости

CVE-2025-14104

CVSS3: 6.1

ubuntu

2 месяца назад

A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.

CVE-2025-14104

CVSS3: 6.1

msrc

около 1 месяца назад

Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames

CVE-2025-14104

CVSS3: 6.1

debian

2 месяца назад

A flaw was found in util-linux. This vulnerability allows a heap buffe ...

SUSE-SU-2026:0366-1

suse-cvrf

5 дней назад

Security update for util-linux

SUSE-SU-2026:0230-1

suse-cvrf

17 дней назад

Security update for util-linux

EPSS

Процентиль: 3%

0.00015

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-125