[USN-5478-1] util-linux vulnerability

Severity Low

Affected Packages 15

CVEs 1

A util-linux program could be made to crash if it opened a specially crafted file system.

Christian Moch and Michael Gruhn discovered that the libblkid library
of util-linux did not properly manage memory under certain
circumstances. A local attacker could possibly use this issue
to cause denial of service by consuming all memory through
a specially crafted MSDOS partition table.

Package	Affected Version
pkg:deb/ubuntu/uuid-runtime?distro=xenial	< 2.27.1-6ubuntu3.10+esm2
pkg:deb/ubuntu/uuid-dev?distro=xenial	< 2.27.1-6ubuntu3.10+esm2
pkg:deb/ubuntu/util-linux?distro=xenial	< 2.27.1-6ubuntu3.10+esm2
pkg:deb/ubuntu/util-linux-locales?distro=xenial	< 2.27.1-6ubuntu3.10+esm2
pkg:deb/ubuntu/mount?distro=xenial	< 2.27.1-6ubuntu3.10+esm2
pkg:deb/ubuntu/libuuid1?distro=xenial	< 2.27.1-6ubuntu3.10+esm2
pkg:deb/ubuntu/libsmartcols1?distro=xenial	< 2.27.1-6ubuntu3.10+esm2
pkg:deb/ubuntu/libsmartcols-dev?distro=xenial	< 2.27.1-6ubuntu3.10+esm2
pkg:deb/ubuntu/libmount1?distro=xenial	< 2.27.1-6ubuntu3.10+esm2
pkg:deb/ubuntu/libmount-dev?distro=xenial	< 2.27.1-6ubuntu3.10+esm2
pkg:deb/ubuntu/libfdisk1?distro=xenial	< 2.27.1-6ubuntu3.10+esm2
pkg:deb/ubuntu/libfdisk-dev?distro=xenial	< 2.27.1-6ubuntu3.10+esm2
pkg:deb/ubuntu/libblkid1?distro=xenial	< 2.27.1-6ubuntu3.10+esm2
pkg:deb/ubuntu/libblkid-dev?distro=xenial	< 2.27.1-6ubuntu3.10+esm2
pkg:deb/ubuntu/bsdutils?distro=xenial	< 2.27.1-6ubuntu3.10+esm2

ID

USN-5478-1

Severity

low

URL

https://ubuntu.com/security/notices/USN-5478-1

Published

2022-06-14T22:50:13
(2 years ago)

Modified

2022-06-14T22:50:13
(2 years ago)

Other Advisories

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform
Affected	pkg:deb/ubuntu/uuid-runtime?distro=xenial	ubuntu	uuid-runtime	< 2.27.1-6ubuntu3.10+esm2	xenial
Affected	pkg:deb/ubuntu/uuid-dev?distro=xenial	ubuntu	uuid-dev	< 2.27.1-6ubuntu3.10+esm2	xenial
Affected	pkg:deb/ubuntu/util-linux?distro=xenial	ubuntu	util-linux	< 2.27.1-6ubuntu3.10+esm2	xenial
Affected	pkg:deb/ubuntu/util-linux-locales?distro=xenial	ubuntu	util-linux-locales	< 2.27.1-6ubuntu3.10+esm2	xenial
Affected	pkg:deb/ubuntu/mount?distro=xenial	ubuntu	mount	< 2.27.1-6ubuntu3.10+esm2	xenial
Affected	pkg:deb/ubuntu/libuuid1?distro=xenial	ubuntu	libuuid1	< 2.27.1-6ubuntu3.10+esm2	xenial
Affected	pkg:deb/ubuntu/libsmartcols1?distro=xenial	ubuntu	libsmartcols1	< 2.27.1-6ubuntu3.10+esm2	xenial
Affected	pkg:deb/ubuntu/libsmartcols-dev?distro=xenial	ubuntu	libsmartcols-dev	< 2.27.1-6ubuntu3.10+esm2	xenial
Affected	pkg:deb/ubuntu/libmount1?distro=xenial	ubuntu	libmount1	< 2.27.1-6ubuntu3.10+esm2	xenial
Affected	pkg:deb/ubuntu/libmount-dev?distro=xenial	ubuntu	libmount-dev	< 2.27.1-6ubuntu3.10+esm2	xenial
Affected	pkg:deb/ubuntu/libfdisk1?distro=xenial	ubuntu	libfdisk1	< 2.27.1-6ubuntu3.10+esm2	xenial
Affected	pkg:deb/ubuntu/libfdisk-dev?distro=xenial	ubuntu	libfdisk-dev	< 2.27.1-6ubuntu3.10+esm2	xenial
Affected	pkg:deb/ubuntu/libblkid1?distro=xenial	ubuntu	libblkid1	< 2.27.1-6ubuntu3.10+esm2	xenial
Affected	pkg:deb/ubuntu/libblkid-dev?distro=xenial	ubuntu	libblkid-dev	< 2.27.1-6ubuntu3.10+esm2	xenial
Affected	pkg:deb/ubuntu/bsdutils?distro=xenial	ubuntu	bsdutils	< 2.27.1-6ubuntu3.10+esm2	xenial

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date