Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2026-1852

Опубликовано: 04 фев. 2026
Источник: oracle-oval
Платформа: Oracle Linux 8

Описание

ELSA-2026-1852: util-linux security update (MODERATE)

[2.32.1-48.0.1]

  • Orabug 35995159 - report lost loop device

[2.32.1-48]

  • fix RHEL-134296 - libblkid: use snprintf() instead of sprintf()
  • fix RHEL-133946 - login-utils: fix setpwnam() buffer use [CVE-2025-14104]

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

libmount-devel

2.32.1-48.0.1.el8_10

python3-libmount

2.32.1-48.0.1.el8_10

libblkid

2.32.1-48.0.1.el8_10

libblkid-devel

2.32.1-48.0.1.el8_10

libfdisk

2.32.1-48.0.1.el8_10

libfdisk-devel

2.32.1-48.0.1.el8_10

libmount

2.32.1-48.0.1.el8_10

libsmartcols

2.32.1-48.0.1.el8_10

libsmartcols-devel

2.32.1-48.0.1.el8_10

libuuid

2.32.1-48.0.1.el8_10

libuuid-devel

2.32.1-48.0.1.el8_10

util-linux

2.32.1-48.0.1.el8_10

util-linux-user

2.32.1-48.0.1.el8_10

uuidd

2.32.1-48.0.1.el8_10

Oracle Linux x86_64

libmount-devel

2.32.1-48.0.1.el8_10

python3-libmount

2.32.1-48.0.1.el8_10

libblkid

2.32.1-48.0.1.el8_10

libblkid-devel

2.32.1-48.0.1.el8_10

libfdisk

2.32.1-48.0.1.el8_10

libfdisk-devel

2.32.1-48.0.1.el8_10

libmount

2.32.1-48.0.1.el8_10

libsmartcols

2.32.1-48.0.1.el8_10

libsmartcols-devel

2.32.1-48.0.1.el8_10

libuuid

2.32.1-48.0.1.el8_10

libuuid-devel

2.32.1-48.0.1.el8_10

util-linux

2.32.1-48.0.1.el8_10

util-linux-user

2.32.1-48.0.1.el8_10

uuidd

2.32.1-48.0.1.el8_10

Связанные CVE

CVE-2025-14104

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2025-14104

CVSS3: 6.1
ubuntu
2 месяца назад

A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.

nvd логотип

CVE-2025-14104

CVSS3: 6.1
nvd
2 месяца назад

A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.

msrc логотип

CVE-2025-14104

CVSS3: 6.1
msrc
около 1 месяца назад

Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames

debian логотип

CVE-2025-14104

CVSS3: 6.1
debian
2 месяца назад

A flaw was found in util-linux. This vulnerability allows a heap buffe ...

suse-cvrf логотип

SUSE-SU-2026:0366-1

suse-cvrf
5 дней назад

Security update for util-linux