7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.9 Medium
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
78.4%
Software: util-linux 2.23.2
OS: Cobalt 7.9
CVE-ID: CVE-2015-5224
CVE-Crit: CRITICAL
CVE-DESC: The mkostemp function in login-utils in util-linux, when misused, allows remote attackers to cause file name conflict and possibly other attacks.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2016-5011
CVE-Crit: MEDIUM
CVE-DESC: The parse_dos_extended function in partitions / dos.c in the libblkid library in util-linux allows physically nearby attackers to cause a denial of service (memory consumption) via a created MSDOS partition table with an extended partition boot record at zero offset .
CVE-STATUS: Default
CVE-REV: Default
CVE-ID: CVE-2017-2616
CVE-Crit: MEDIUM
CVE-DESC: in util-linux before 2.32.1, a race condition was detected when su managed child processes. A locally authenticated attacker could exploit this vulnerability to kill other processes with root privileges under certain conditions.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2018-7738
CVE-Crit: HIGH
CVE-DESC: in util-linux before 2.32-rc1 bash-completion / umount allows local users to gain privileges by embedding shell commands in the mount point name, which is mishandled during the umount command (in Bash) by another user, as demonstrated by logging in as root and typing umount followed by a tab character for autocomplete.
CVE-STATUS: default
CVE-REV: default
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.9 Medium
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
78.4%