Updated util-linux packages fix security vulnerability
Publication date: 16 May 2018Modification date: 16 May 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-7738
Description
A command injection flaw was found in the way util-linux implements umount autocompletion in Bash. An attacker with the ability to mount a filesystem with custom mount points may execute arbitrary commands on behalf of the user who triggers the umount autocompletion (CVE-2018-7738).
References
SRPMS
6/core
- util-linux-2.28.2-2.1.mga6