Description
A race condition was found in util-linux before 2.32.1 in the way su
handled the management of child processes. A local authenticated attacker
could use this flaw to kill other processes with root privileges under
specific conditions.
Notes
sbeattie | ubuntu uses su from shadow package, not util-linux up until
(2.32-0.2) |
Package
Upstream: | released
(1:4.4-4)
|
Ubuntu 18.04 LTS: | released
(1:4.2-3.2ubuntu2)
|
Ubuntu 16.04 ESM: | released
(1:4.2-3.1ubuntu5.2)
|
Ubuntu 14.04 ESM: | released
(1:4.1.5.1-1ubuntu9.4)
|
Patches:
Package
Priority: Negligible
Upstream: | released
(2.29.2-1)
|
Ubuntu 18.04 LTS: | not-affected
(2.31.1-0.4ubuntu3.3)
|
Ubuntu 16.04 ESM: | not-affected
(binary not built)
|
Ubuntu 14.04 ESM: | not-affected
(binary not built)
|
Patches:
Updated: 2022-04-13 12:58:27 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)