Every CVE whose affected-product data names Kernel Util-linux, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (18)
CVE-2015-5224 — CVSS 9.8 (critical): The mkostemp function in login-utils in util-linux when used incorrectly allows remote attackers to cause file name collision and possibly…
CVE-2018-7738 — CVSS 7.8 (high): In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint…
CVE-2016-2779 — CVSS 7.8 (high): runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the…
CVE-2007-5191 — CVSS 7.2 (high): mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return…
CVE-2026-13595 — CVSS 6.8 (medium): A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare…
CVE-2020-21583 — CVSS 6.7 (medium): An issue was discovered in hwclock.13-v2.27 allows attackers to gain escalated privlidges or execute arbitrary commands via the path…
CVE-2001-1494 — CVSS 5.5 (medium): script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the…
CVE-2021-37600 — CVSS 5.5 (medium): An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources…
CVE-2021-3995 — CVSS 5.5 (medium): A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE…
CVE-2021-3996 — CVSS 5.5 (medium): A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE…
CVE-2022-0563 — CVSS 5.5 (medium): A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC"…
CVE-2026-27456 — CVSS 4.7 (medium): util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU (Time-of-Check-Time-of-Use) vulnerability has been…
CVE-2016-5011 — CVSS 4.6 (medium): The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a…
CVE-2026-3184 — CVSS 3.7 (low): A flaw was found in util-linux. Improper hostname canonicalization in the `login(1)` utility, when invoked with the `-h` option, can modify…
CVE-2024-28085 — CVSS 3.3 (low): wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals…
CVE-2015-5218 — CVSS 2.1 (low): Buffer overflow in text-utils/colcrt.c in colcrt in util-linux before 2.27 allows local users to cause a denial of service (crash) via a…
CVE-2013-0157 — CVSS 2.1 (low): (a) mount and (b) umount in util-linux 2.14.1, 2.17.2, and probably other versions allow local users to determine the existence of…