Описание
Security update for util-linux
This update for util-linux fixes the following issues:
- CVE-2021-37600: Fixed an integer overflow which could lead to a buffer overflow in get_sem_elements() in sys-utils/ipcutils.c. (bsc#1188921)
Список пакетов
openSUSE Leap 15.3
libblkid-devel-2.36.2-4.5.1
libblkid-devel-32bit-2.36.2-4.5.1
libblkid-devel-static-2.36.2-4.5.1
libblkid1-2.36.2-4.5.1
libblkid1-32bit-2.36.2-4.5.1
libfdisk-devel-2.36.2-4.5.1
libfdisk-devel-32bit-2.36.2-4.5.1
libfdisk-devel-static-2.36.2-4.5.1
libfdisk1-2.36.2-4.5.1
libfdisk1-32bit-2.36.2-4.5.1
libmount-devel-2.36.2-4.5.1
libmount-devel-32bit-2.36.2-4.5.1
libmount-devel-static-2.36.2-4.5.1
libmount1-2.36.2-4.5.1
libmount1-32bit-2.36.2-4.5.1
libsmartcols-devel-2.36.2-4.5.1
libsmartcols-devel-32bit-2.36.2-4.5.1
libsmartcols-devel-static-2.36.2-4.5.1
libsmartcols1-2.36.2-4.5.1
libsmartcols1-32bit-2.36.2-4.5.1
libuuid-devel-2.36.2-4.5.1
libuuid-devel-32bit-2.36.2-4.5.1
libuuid-devel-static-2.36.2-4.5.1
libuuid1-2.36.2-4.5.1
libuuid1-32bit-2.36.2-4.5.1
python3-libmount-2.36.2-4.5.1
util-linux-2.36.2-4.5.1
util-linux-lang-2.36.2-4.5.1
util-linux-systemd-2.36.2-4.5.1
uuidd-2.36.2-4.5.1
Ссылки
- E-Mail link for openSUSE-SU-2021:3474-1
- SUSE Security Ratings
- SUSE Bug 1178236
- SUSE Bug 1188921
- SUSE CVE CVE-2021-37600 page
Описание
** DISPUTED ** An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic environments.
Затронутые продукты
openSUSE Leap 15.3:libblkid-devel-2.36.2-4.5.1
openSUSE Leap 15.3:libblkid-devel-32bit-2.36.2-4.5.1
openSUSE Leap 15.3:libblkid-devel-static-2.36.2-4.5.1
openSUSE Leap 15.3:libblkid1-2.36.2-4.5.1
Ссылки
- CVE-2021-37600
- SUSE Bug 1188921