Debian Linux Security Advisory 4134-1 - Bjorn Bosselmann discovered that the umount bash completion from util-linux does not properly handle embedded shell commands in a mountpoint name. An attacker with rights to mount filesystems can take advantage of this flaw for privilege escalation if a user (in particular root) is tricked into using the umount completion while a specially crafted mount is present.
83b60daf457134ad19dfdbe3b0fbb827b9872307ec8d73874d18ff1123086aa2-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4134-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
March 10, 2018 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : util-linux
CVE ID : CVE-2018-7738
Debian Bug : 892179
Bjorn Bosselmann discovered that the umount bash completion from
util-linux does not properly handle embedded shell commands in a
mountpoint name. An attacker with rights to mount filesystems can take
advantage of this flaw for privilege escalation if a user (in particular
root) is tricked into using the umount completion while a specially
crafted mount is present.
For the stable distribution (stretch), this problem has been fixed in
version 2.29.2-1+deb9u1.
We recommend that you upgrade your util-linux packages.
For the detailed security status of util-linux please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/util-linux
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlqkUlhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0SBvw//Y+r6WIIllVv5g4A4Oi+2x0jsJ4zlFek1Qbsx0RTXdWTKd7si3GjNnEN3
brn0Ml7GVgPY096nId0lwXQ4DhIVxy22KD9UU3UJSfJ4raK5P/auwSe+Xv9zzYAp
NuArtByKca08wInZTxTT2ZkpGcc4mlC+L66ZKtTfQ0SsaPpZLs3tRc2KHjRhxtbM
WGkNFfxLsAzp4p1UEQrYL9Zo02ka4GerSQrmbVfPZ44Ku99ZrRwsz458Wk4PjOSR
DB8z7txkO16xX4iF7Er+eq1OaKEeVXUu1a3pCXdglWWWQAlegP9f+dPUVuviDJWV
XEoCAK0BNtrtitMiV1a1FjvLp0ABfJmqa+26GYUvWGj2YCRd6lee7MgWfb+Hc+6G
NxcDNDEIdPN5G94oOh29R3dJ6bST+Boi0eYd7Znuj4sIiU7nhbgYVUTd4dGR1WWM
EAsKO4xrHQ5ucmhrb+F28E2N/c81FDeHzgdnOJnwKlCYW2dN2PIW65o6pENE6sQU
aqo+SmdplPQFOha9BAprfKiZ+VIBOVL741RB6wr0i7gnIBH5eCp00XB4Q4l7dLzu
Yg8jWPHPUVJ9m7caJwAj54EnfiKnjvboLVjETbdH99VI0SuaylxE4uzhPhZIob6I
oess20eJQ1EhkjuVQ3cEg6coLeaYPgLIxDsYI8/1YrQpk8KYAbE=
=ne8E
-----END PGP SIGNATURE-----
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed