Description of Problem: syslog missing a parameter in util linux.c - parameters do not match format string. Version-Release number of selected component (if applicable): util-linux-2.11f How Reproducible: Compile time problem (in code only reached during error conditions) Steps to Reproduce: Compile login.c Note warnings: warning: format argument is not a pointer (arg4) warning: too few arguments for format Actual Results: N/A Expected Results: N/A Additional Information: I don't think that this line should ever be reached in normal usage. However, it can be reached on ENOMEM error from getpwnam() which will then result in login coredumping due to passing an integer parameter to a %s format. I don't believe so but this might just be exploitable if an already logged in user can consume all the available memory. (I'm not an expert on exploiting format string bugs) I have attached a patch (below)
Created attachment 35845 [details] fixes missing parameter to syslog in login.c
Fixed as part of the fix to bug #54741