CVE-2017-2616

Related Files

Ubuntu Security Notice USN-3276-3

Posted Nov 14, 2017

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3276-3 - USN-3276-1 and USN-3276-2 fixed vulnerabilities in shadow. This update provides the corresponding update for Ubuntu 12.04 ESM. Sebastian Krahmer discovered integer overflows in shadow utilities. A local attacker could possibly cause them to crash or potentially gain privileges via crafted input. Various other issues were also addressed.

tags | advisory, overflow, local, vulnerability

systems | linux, ubuntu

advisories | CVE-2016-6252, CVE-2017-2616

SHA-256 | 1e9c57ac95fdbfb8e5d4f1aae2419fe291ed3ef18bb3d7c164fe89167d8baaf7

Download | Favorite | View

Gentoo Linux Security Advisory 201706-02

Posted Jun 6, 2017

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201706-2 - Multiple vulnerabilities have been found in Shadow, the worst of which might allow privilege escalation. Versions less than 4.4-r2 are affected.

tags | advisory, vulnerability

systems | linux, gentoo

advisories | CVE-2016-6252, CVE-2017-2616

SHA-256 | 42c97d76c9ca105762c5b20100f77f3335d10553cc41fcd967b56e919255e985

Download | Favorite | View

Ubuntu Security Notice USN-3276-2

Posted May 17, 2017

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3276-2 - USN-3276-1 intended to fix a vulnerability in su. The solution introduced a regression in su signal handling. This update modifies the security fix. Sebastian Krahmer discovered integer overflows in shadow utilities. A local attacker could possibly cause them to crash or potentially gain privileges via crafted input. Various other issues were also addressed.

tags | advisory, overflow, local

systems | linux, ubuntu

advisories | CVE-2016-6252, CVE-2017-2616

SHA-256 | 196b09de8d68cc19eac4858a35f520d013c4a0d8bb8846854e50d6a4d29138bd

Download | Favorite | View

Red Hat Security Advisory 2017-0907-01

Posted Apr 13, 2017

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0907-01 - The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fix: A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.

tags | advisory, local, root

systems | linux, redhat

advisories | CVE-2017-2616

SHA-256 | 5eb9400c2ea50eecfc21be6bb1f58a9909bf7048b8f363168e27e0b7d87c42da

Download | Favorite | View

Red Hat Security Advisory 2017-0654-01

Posted Mar 21, 2017

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0654-01 - The coreutils packages contain the GNU Core Utilities and represent a combination of the previously used GNU fileutils, sh-utils, and textutils packages. Security Fix: A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.

tags | advisory, local, root

systems | linux, redhat

advisories | CVE-2017-2616

SHA-256 | 0a6e6561b675d0cda0718db60cdc2b972bac9e81b2d5915d4e6a951edb1a4a6e

Download | Favorite | View