CVE-2015-5224 (retired)

Priority
Description
The mkostemp function in login-utils in util-linux when used incorrectly
allows remote attackers to cause file name collision and possibly other
attacks.
Notes
 sarnold> wily and vivid are built with --disable-chfn-chsh which should
  disable the vulnerable code sections
 sarnold> precise and trusty did not appear to have the vulnerable functions
Package
Upstream:released (2.27-rc2)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (code not present)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Patches:
Upstream:https://github.com/karelzak/util-linux/commit/bde91c85bdc77975155058276f99d2e0f5eab5a9
More Information

Updated: 2019-03-26 12:16:00 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)