Opened 3 weeks ago

Closed 37 hours ago

#5955 closed enhancement (fixed)

util-linux-2.42.2 (Security update)

Reported by: Bruce Dubbs Owned by: SecurityAdvisory
Priority: normal Milestone: 13.1
Component: Book Version: git
Severity: normal Keywords:
Cc:

Description

New point version.

CVE-2026-53613 - mount(8) TOCTOU race on target path
CVE-2026-53612 - mount(8) TOCTOU race on post-mount owner/mode change
CVE-2026-53614 - mount(8) SUID bypass via LIBMOUNT_FORCE_MOUNT2
   libblkid use-after-free in nested partition probing

See https://www.kernel.org/pub/linux/utils/util-linux/v2.42/v2.42.2-ReleaseNotes for full release notes.

Change History (2)

comment:1 by Bruce Dubbs, 7 days ago

Owner: changed from lfs-book to SecurityAdvisory

Fixed at commit 4a56fb5d78.

Leaving open for security advisories.

comment:2 by Bruce Dubbs, 37 hours ago

Resolution: fixed
Status: newclosed

Advisory sa-13.0-135 has been issued.

Note: See TracTickets for help on using tickets.