Home

CVE-2018-7738

Description

In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.058

Associated Vulnerability

VulnerabilityOS Platform
util-linux security update(DSA-4134-1) util-linux_2.29.2-1+deb9u1_i386.debLinux
util-linux security update(DSA-4134-1) util-linux_2.29.2-1+deb9u1_amd64.debLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) libblkid1-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) libblkid1-32bit-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) libblkid1-debuginfo-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) libblkid1-debuginfo-32bit-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) libfdisk1-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) libfdisk1-debuginfo-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) libmount1-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) libmount1-32bit-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) libmount1-debuginfo-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) libmount1-debuginfo-32bit-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) libsmartcols1-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) libsmartcols1-debuginfo-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) libuuid-devel-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) libuuid1-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) libuuid1-32bit-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) libuuid1-debuginfo-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) libuuid1-debuginfo-32bit-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) python-libmount-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) python-libmount-debuginfo-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) python-libmount-debugsource-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) util-linux-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) util-linux-debuginfo-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) util-linux-debugsource-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) util-linux-lang-2.29.2-3.8.1.noarch.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) util-linux-systemd-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) util-linux-systemd-debuginfo-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) util-linux-systemd-debugsource-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) uuidd-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:2071-1(SUSE Linux Enterprise Desktop 12-SP3 ) uuidd-debuginfo-2.29.2-3.8.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) libblkid1-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) libblkid1-32bit-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) libblkid1-debuginfo-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) libblkid1-debuginfo-32bit-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) libfdisk1-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) libfdisk1-debuginfo-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) libmount1-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) libmount1-32bit-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) libmount1-debuginfo-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) libmount1-debuginfo-32bit-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) libsmartcols1-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) libsmartcols1-debuginfo-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) libuuid-devel-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) libuuid1-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) libuuid1-32bit-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) libuuid1-debuginfo-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) libuuid1-debuginfo-32bit-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) python-libmount-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) python-libmount-debuginfo-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) python-libmount-debugsource-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) util-linux-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) util-linux-debuginfo-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) util-linux-debugsource-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) util-linux-lang-2.29.2-3.12.1.noarch.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) util-linux-systemd-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) util-linux-systemd-debuginfo-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) util-linux-systemd-debugsource-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) uuidd-2.29.2-3.12.1.x86_64.rpmLinux
SUSE-SU-2018:3926-1(SUSE Linux Enterprise Desktop 12-SP3 ) uuidd-debuginfo-2.29.2-3.12.1.x86_64.rpmLinux
miscellaneous system utilities (USN-4512-1) util-linux_2.31.1-0.4ubuntu3.7_i386.debLinux
miscellaneous system utilities (USN-4512-1) util-linux_2.31.1-0.4ubuntu3.7_amd64.debLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) libblkid1-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) libblkid1-32bit-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) libblkid1-debuginfo-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) libblkid1-debuginfo-32bit-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) libfdisk1-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) libfdisk1-debuginfo-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) libmount1-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) libmount1-32bit-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) libmount1-debuginfo-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) libmount1-debuginfo-32bit-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) libsmartcols1-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) libsmartcols1-debuginfo-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) libuuid1-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) libuuid1-32bit-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) libuuid1-debuginfo-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) libuuid1-debuginfo-32bit-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) python-libmount-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) python-libmount-debuginfo-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) python-libmount-debugsource-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) util-linux-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) util-linux-debuginfo-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) util-linux-debugsource-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) util-linux-lang-2.33.2-4.33.1.noarch.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) util-linux-systemd-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) util-linux-systemd-debuginfo-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) util-linux-systemd-debugsource-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) uuidd-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:3268-1(SUSE Linux Enterprise Server 12 SP5 ) uuidd-debuginfo-2.33.2-4.33.1.x86_64.rpmLinux
SUSE-SU-2023:4614-1(SUSE Linux Enterprise Server 12 SP5 ) java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64.rpmLinux
SUSE-SU-2023:4614-1(SUSE Linux Enterprise Server 12 SP5 ) java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64.rpmLinux
SUSE-SU-2023:4614-1(SUSE Linux Enterprise Server 12 SP5 ) java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64.rpmLinux
SUSE-SU-2023:4614-1(SUSE Linux Enterprise Server 12 SP5 ) java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64.rpmLinux
SUSE-SU-2023:4537-1(Basesystem Module 15-SP4 ) libxml2-2-2.9.14-150400.5.25.1.x86_64.rpmLinux
SUSE-SU-2023:4537-1(Basesystem Module 15-SP4 ) libxml2-devel-2.9.14-150400.5.25.1.x86_64.rpmLinux
SUSE-SU-2023:4537-1(Basesystem Module 15-SP4 ) libxml2-tools-2.9.14-150400.5.25.1.x86_64.rpmLinux
SUSE-SU-2023:4537-1(Basesystem Module 15-SP4 ) libxml2-2-32bit-2.9.14-150400.5.25.1.x86_64.rpmLinux
SUSE-SU-2023:4537-1(Basesystem Module 15-SP4 ) python3-libxml2-2.9.14-150400.5.25.1.x86_64.rpmLinux
SUSE-SU-2023:4537-1(Basesystem Module 15-SP4 ) libxml2-2-debuginfo-2.9.14-150400.5.25.1.x86_64.rpmLinux
SUSE-SU-2023:4537-1(Basesystem Module 15-SP4 ) libxml2-debugsource-2.9.14-150400.5.25.1.x86_64.rpmLinux
SUSE-SU-2023:4537-1(Basesystem Module 15-SP4 ) libxml2-tools-debuginfo-2.9.14-150400.5.25.1.x86_64.rpmLinux
SUSE-SU-2023:4537-1(Basesystem Module 15-SP4 ) libxml2-2-32bit-debuginfo-2.9.14-150400.5.25.1.x86_64.rpmLinux
SUSE-SU-2023:4537-1(Basesystem Module 15-SP4 ) python3-libxml2-debuginfo-2.9.14-150400.5.25.1.x86_64.rpmLinux
CVE-2018-7738NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234