openSUSE-SU-2021:1440-1

Опубликовано: 02 нояб. 2021

Источник: suse-cvrf

Описание

Security update for util-linux

This update for util-linux fixes the following issues:

Update to version 2.33.2 to provide seamless update from SLE12 SP5 to SLE15 SP2:

CVE-2021-37600: Fixed an integer overflow which could lead to a buffer overflow in get_sem_elements() in sys-utils/ipcutils.c (bsc#1188921).
agetty: Fix 8-bit processing in get_logname() (bsc#1125886).
mount: Fix 'mount' output for net file systems (bsc#1122417).
ipcs: Avoid overflows (bsc#1178236)

This update was imported from the SUSE:SLE-15-SP1:Update update project.

Список пакетов

openSUSE Leap 15.2

libblkid-devel-2.33.2-lp152.5.9.1

libblkid-devel-32bit-2.33.2-lp152.5.9.1

libblkid-devel-static-2.33.2-lp152.5.9.1

libblkid1-2.33.2-lp152.5.9.1

libblkid1-32bit-2.33.2-lp152.5.9.1

libfdisk-devel-2.33.2-lp152.5.9.1

libfdisk-devel-static-2.33.2-lp152.5.9.1

libfdisk1-2.33.2-lp152.5.9.1

libmount-devel-2.33.2-lp152.5.9.1

libmount-devel-32bit-2.33.2-lp152.5.9.1

libmount-devel-static-2.33.2-lp152.5.9.1

libmount1-2.33.2-lp152.5.9.1

libmount1-32bit-2.33.2-lp152.5.9.1

libsmartcols-devel-2.33.2-lp152.5.9.1

libsmartcols-devel-static-2.33.2-lp152.5.9.1

libsmartcols1-2.33.2-lp152.5.9.1

libuuid-devel-2.33.2-lp152.5.9.1

libuuid-devel-32bit-2.33.2-lp152.5.9.1

libuuid-devel-static-2.33.2-lp152.5.9.1

libuuid1-2.33.2-lp152.5.9.1

libuuid1-32bit-2.33.2-lp152.5.9.1

python3-libmount-2.33.2-lp152.5.9.1

util-linux-2.33.2-lp152.5.9.1

util-linux-lang-2.33.2-lp152.5.9.1

util-linux-systemd-2.33.2-lp152.5.9.1

uuidd-2.33.2-lp152.5.9.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/O37YZAXFT5P25MP6HADS7PSL7LUNUR45/
E-Mail link for openSUSE-SU-2021:1440-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1122417
SUSE Bug 1122417
https://bugzilla.suse.com/1125886
SUSE Bug 1125886
https://bugzilla.suse.com/1178236
SUSE Bug 1178236
https://bugzilla.suse.com/1188921
SUSE Bug 1188921
https://www.suse.com/security/cve/CVE-2021-37600/
SUSE CVE CVE-2021-37600 page

Описание

** DISPUTED ** An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic environments.

Затронутые продукты

openSUSE Leap 15.2:libblkid-devel-2.33.2-lp152.5.9.1

openSUSE Leap 15.2:libblkid-devel-32bit-2.33.2-lp152.5.9.1

openSUSE Leap 15.2:libblkid-devel-static-2.33.2-lp152.5.9.1

openSUSE Leap 15.2:libblkid1-2.33.2-lp152.5.9.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-37600.html
CVE-2021-37600
https://bugzilla.suse.com/1188921
SUSE Bug 1188921

openSUSE-SU-2021:1440-1

Описание

Список пакетов

openSUSE Leap 15.2

Ссылки

Уязвимость: CVE-2021-37600

Описание

Затронутые продукты

Ссылки