Andries Brouwer » Util-linux » 2.11n : Security Vulnerabilities, CVEs,
umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r (remount) option, which causes the file system to be remounted with just the read-only flag, which effectively clears the nosuid, nodev, and other flags.
Max CVSS
7.2
EPSS Score
0.09%
Published
2005-09-13
Updated
2018-10-19
A patch for mcookie in the util-linux package for Mandrake Linux 8.2 and 9.0 uses /dev/urandom instead of /dev/random, which causes mcookie to use an entropy source that is more predictable than expected, which may make it easier for certain types of attacks to succeed.
Max CVSS
5.0
EPSS Score
0.31%
Published
2003-03-03
Updated
2017-10-10
2 vulnerabilities found