Описание
Security update for util-linux
This update for util-linux fixes the following issues:
This security issue was fixed:
- CVE-2017-2616: In su with PAM support it was possible for local users to send SIGKILL to selected other processes with root privileges (bsc#1023041).
This non-security issues were fixed:
- lscpu: Implement WSL detection and work around crash (bsc#1019332)
- fstrim: De-duplicate btrfs sub-volumes for 'fstrim -a' and bind mounts (bsc#1020077)
- Fix regressions in safe loop re-use patch set for libmount (bsc#1012504)
- Disable ro checks for mtab (bsc#1012632)
- Ensure that the option 'users,exec,dev,suid' work as expected on NFS mounts (bsc#1008965)
Список пакетов
SUSE Linux Enterprise Desktop 12 SP1
libblkid1-2.25-40.1
libblkid1-32bit-2.25-40.1
libmount1-2.25-40.1
libmount1-32bit-2.25-40.1
libsmartcols1-2.25-40.1
libuuid-devel-2.25-40.1
libuuid1-2.25-40.1
libuuid1-32bit-2.25-40.1
python-libmount-2.25-40.2
util-linux-2.25-40.1
util-linux-lang-2.25-40.1
util-linux-systemd-2.25-40.1
uuidd-2.25-40.1
SUSE Linux Enterprise Server 12 SP1
libblkid1-2.25-40.1
libblkid1-32bit-2.25-40.1
libmount1-2.25-40.1
libmount1-32bit-2.25-40.1
libsmartcols1-2.25-40.1
libuuid1-2.25-40.1
libuuid1-32bit-2.25-40.1
python-libmount-2.25-40.2
util-linux-2.25-40.1
util-linux-lang-2.25-40.1
util-linux-systemd-2.25-40.1
uuidd-2.25-40.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
libblkid1-2.25-40.1
libblkid1-32bit-2.25-40.1
libmount1-2.25-40.1
libmount1-32bit-2.25-40.1
libsmartcols1-2.25-40.1
libuuid1-2.25-40.1
libuuid1-32bit-2.25-40.1
python-libmount-2.25-40.2
util-linux-2.25-40.1
util-linux-lang-2.25-40.1
util-linux-systemd-2.25-40.1
uuidd-2.25-40.1
SUSE Linux Enterprise Software Development Kit 12 SP1
libblkid-devel-2.25-40.1
libmount-devel-2.25-40.1
libsmartcols-devel-2.25-40.1
libuuid-devel-2.25-40.1
SUSE Linux Enterprise Workstation Extension 12 SP1
libuuid-devel-2.25-40.1
Ссылки
- Link for SUSE-SU-2017:0555-1
- E-Mail link for SUSE-SU-2017:0555-1
- SUSE Security Ratings
- SUSE Bug 1008965
- SUSE Bug 1012504
- SUSE Bug 1012632
- SUSE Bug 1019332
- SUSE Bug 1020077
- SUSE Bug 1023041
- SUSE CVE CVE-2017-2616 page
Описание
A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:libblkid1-2.25-40.1
SUSE Linux Enterprise Desktop 12 SP1:libblkid1-32bit-2.25-40.1
SUSE Linux Enterprise Desktop 12 SP1:libmount1-2.25-40.1
SUSE Linux Enterprise Desktop 12 SP1:libmount1-32bit-2.25-40.1
Ссылки
- CVE-2017-2616
- SUSE Bug 1023041
- SUSE Bug 1123789