URL describes two vulnerabilites whose impact is the ability for an unauthorized user to unmount. Seemingly unreleased patches: https://github.com/util-linux/util-linux/commit/166e87368ae88bf31112a30e078cceae637f4cdb https://github.com/util-linux/util-linux/commit/57202f5713afa2af20ffbb6ab5331481d0396f8d https://github.com/util-linux/util-linux/commit/9c05f4b6bf62a20a64a8e5735c7f3dcf0229e895
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d5f5f2e564e448f86dee8c0271152c0dc47754d4 commit d5f5f2e564e448f86dee8c0271152c0dc47754d4 Author: Mathieu Tortuyaux <mtortuyaux@microsoft.com> AuthorDate: 2022-01-24 15:50:45 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-01-24 15:58:29 +0000 sys-apps/util-linux: bump to version 2.37.3 Bug: https://bugs.gentoo.org/831978 Package-Manager: Portage-3.0.28, Repoman-3.0.3 Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com> Closes: https://github.com/gentoo/gentoo/pull/23940 Signed-off-by: Sam James <sam@gentoo.org> sys-apps/util-linux/Manifest | 1 + .../util-linux-2.37.3-ioctl_ns-test-hang.patch | 37 +++ sys-apps/util-linux/util-linux-2.37.3.ebuild | 317 +++++++++++++++++++++ 3 files changed, 355 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5a614c66095fee76fc55e9fdea5b58e9bd39ef02 commit 5a614c66095fee76fc55e9fdea5b58e9bd39ef02 Author: Sam James <sam@gentoo.org> AuthorDate: 2022-01-24 16:06:17 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-01-24 16:06:17 +0000 sys-apps/util-linux: remove duplicate patch Bug: https://bugs.gentoo.org/831978 Signed-off-by: Sam James <sam@gentoo.org> .../util-linux-2.37.3-ioctl_ns-test-hang.patch | 37 ---------------------- sys-apps/util-linux/util-linux-2.37.3.ebuild | 2 +- 2 files changed, 1 insertion(+), 38 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=4e42800d2202837758726b7cc0f86440487fee40 commit 4e42800d2202837758726b7cc0f86440487fee40 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-01-07 08:30:19 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-01-07 08:30:48 +0000 [ GLSA 202401-08 ] util-linux: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/806070 Bug: https://bugs.gentoo.org/831978 Bug: https://bugs.gentoo.org/833365 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202401-08.xml | 47 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+)