Back to bug 1312852
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-02-29 11:59:30 UTC | Depends On | 1312855 | |
| Adam Mariš | 2016-02-29 12:12:38 UTC | Blocks | 1312867 | |
| Adam Mariš | 2016-03-09 12:50:09 UTC | Whiteboard | impact=moderate,public=20160226,reported=20160227,source=oss-security,cvss2=6.2/AV:L/AC:H/Au:N/C:C/I:C/A:C,rhel-5/util-linux=new,fedora-all/util-linux=affected | impact=moderate,public=20160226,reported=20160227,source=oss-security,cvss2=6.2/AV:L/AC:H/Au:N/C:C/I:C/A:C,rhel-5/util-linux=new,rhel-6/util-linux-ng=new,rhel-7/util-linux=new,fedora-all/util-linux=affected |
| Cedric Buissart | 2016-04-04 10:25:49 UTC | CC | cbuissar | |
| Cedric Buissart | 2016-04-04 10:30:52 UTC | Whiteboard | impact=moderate,public=20160226,reported=20160227,source=oss-security,cvss2=6.2/AV:L/AC:H/Au:N/C:C/I:C/A:C,rhel-5/util-linux=new,rhel-6/util-linux-ng=new,rhel-7/util-linux=new,fedora-all/util-linux=affected | impact=moderate,public=20160226,reported=20160227,source=oss-security,cvss2=6.2/AV:L/AC:H/Au:N/C:C/I:C/A:C,rhel-5/util-linux=notaffected,rhel-6/util-linux-ng=notaffected,rhel-7/util-linux=new,fedora-all/util-linux=affected |
| Cedric Buissart | 2016-04-05 15:31:37 UTC | Whiteboard | impact=moderate,public=20160226,reported=20160227,source=oss-security,cvss2=6.2/AV:L/AC:H/Au:N/C:C/I:C/A:C,rhel-5/util-linux=notaffected,rhel-6/util-linux-ng=notaffected,rhel-7/util-linux=new,fedora-all/util-linux=affected | impact=moderate,public=20160226,reported=20160227,source=oss-security,cvss2=6.2/AV:L/AC:H/Au:N/C:C/I:C/A:C,rhel-5/util-linux=notaffected,rhel-6/util-linux-ng=notaffected,rhel-7/util-linux=affected,fedora-all/util-linux=affected |
| Kamil Dudka | 2016-09-27 11:26:09 UTC | CC | kdudka | |
| Karel Zak | 2016-09-29 14:41:23 UTC | Status | NEW | POST |
| Slawomir Czarko | 2017-02-08 17:44:21 UTC | CC | slawomir | |
| Cedric Buissart | 2018-03-05 13:42:45 UTC | Fixed In Version | util-linux 2.31 | |
| Cedric Buissart | 2018-03-05 13:46:45 UTC | Status | POST | NEW |
| Cedric Buissart | 2018-03-05 13:59:06 UTC | Status | NEW | CLOSED |
| Resolution | --- | WONTFIX | ||
| Doc Text | It was found that runuser was vulnerable to TIOCSTI ioctl attacks, allowing the executed program to push characters to its TTY's input buffer. While being executed as a non-privileged user, a specially crafted program could force its parent TTY to enter commands, interpreted by the shell when runuser exits. | |||
| Whiteboard | impact=moderate,public=20160226,reported=20160227,source=oss-security,cvss2=6.2/AV:L/AC:H/Au:N/C:C/I:C/A:C,rhel-5/util-linux=notaffected,rhel-6/util-linux-ng=notaffected,rhel-7/util-linux=affected,fedora-all/util-linux=affected | impact=moderate,public=20160226,reported=20160227,source=oss-security,cvss2=6.2/AV:L/AC:H/Au:N/C:C/I:C/A:C,cvss3=8.6/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,cwe=cwe-270,rhel-5/util-linux=notaffected,rhel-6/util-linux-ng=notaffected,rhel-7/util-linux=wontfix,fedora-all/util-linux=affected | ||
| Last Closed | 2018-03-05 08:59:06 UTC | |||
| Cedric Buissart | 2018-03-05 14:03:00 UTC | Whiteboard | impact=moderate,public=20160226,reported=20160227,source=oss-security,cvss2=6.2/AV:L/AC:H/Au:N/C:C/I:C/A:C,cvss3=8.6/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,cwe=cwe-270,rhel-5/util-linux=notaffected,rhel-6/util-linux-ng=notaffected,rhel-7/util-linux=wontfix,fedora-all/util-linux=affected | impact=moderate,public=20160226,reported=20160227,source=oss-security,cvss2=6.2/AV:L/AC:H/Au:N/C:C/I:C/A:C,cvss3=8.6/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,cwe=cwe-270,rhel-5/util-linux=notaffected,rhel-6/util-linux-ng=notaffected,rhel-7/util-linux=wontfix,fedora-all/util-linux=affected,rhel-8/util-linux=affected |
| Cedric Buissart | 2018-03-05 14:03:14 UTC | Depends On | 1551608 | |
| Adam Mariš | 2018-05-04 13:16:49 UTC | Whiteboard | impact=moderate,public=20160226,reported=20160227,source=oss-security,cvss2=6.2/AV:L/AC:H/Au:N/C:C/I:C/A:C,cvss3=8.6/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,cwe=cwe-270,rhel-5/util-linux=notaffected,rhel-6/util-linux-ng=notaffected,rhel-7/util-linux=wontfix,fedora-all/util-linux=affected,rhel-8/util-linux=affected | impact=moderate,public=20160226,reported=20160227,source=oss-security,cvss2=6.2/AV:L/AC:H/Au:N/C:C/I:C/A:C,cvss3=8.6/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,cwe=CWE-270,rhel-5/util-linux=notaffected,rhel-6/util-linux-ng=notaffected,rhel-7/util-linux=wontfix,fedora-all/util-linux=affected,rhel-8/util-linux=affected |
| Tomas Hoger | 2019-05-07 08:59:04 UTC | Whiteboard | impact=moderate,public=20160226,reported=20160227,source=oss-security,cvss2=6.2/AV:L/AC:H/Au:N/C:C/I:C/A:C,cvss3=8.6/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,cwe=CWE-270,rhel-5/util-linux=notaffected,rhel-6/util-linux-ng=notaffected,rhel-7/util-linux=wontfix,fedora-all/util-linux=affected,rhel-8/util-linux=affected | impact=moderate,public=20160226,reported=20160227,source=oss-security,cvss2=6.2/AV:L/AC:H/Au:N/C:C/I:C/A:C,cvss3=8.6/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,cwe=CWE-270,rhel-5/util-linux=notaffected,rhel-6/util-linux-ng=notaffected,rhel-7/util-linux=wontfix,fedora-all/util-linux=affected,rhel-8/util-linux=notaffected |
| Product Security DevOps Team | 2019-09-29 13:45:06 UTC | Whiteboard | impact=moderate,public=20160226,reported=20160227,source=oss-security,cvss2=6.2/AV:L/AC:H/Au:N/C:C/I:C/A:C,cvss3=8.6/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,cwe=CWE-270,rhel-5/util-linux=notaffected,rhel-6/util-linux-ng=notaffected,rhel-7/util-linux=wontfix,fedora-all/util-linux=affected,rhel-8/util-linux=notaffected |
Back to bug 1312852