Date: Wed, 7 Mar 2018 06:49:33 +0100 From: Salvatore Bonaccorso <carnil@...ian.org> To: OSS Security Mailinglist <oss-security@...ts.openwall.com> Subject: util-linux: CVE-2018-7738: code execution in bash-completion for umount Hi Björn Bosselmann reported to the Debian bugtracker, that the umount bash-completion as provided by the util-linux source does not escape mount point paths. A user with privileges to mount filesystems can embbed shell commands in a mountpoint name and taking advantage of this flaw to gain privilgeges. The issue was (indirectly) in  while adressing another issue. MITRE has assigned 'CVE-2018-7738' for this issue. Regards, Salvatore  https://bugs.debian.org/892179  https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ