VDB
GCVE-110-MAGEIA-2015-352
GCVE-110-MAGEIA-2015-352
Advisory Published
Updated util-linux packages fix security vulnerability:
The chfn and chsh commands in util-linux's login-utils are vulnerable to a
file name collision due to incorrect mkstemp usage. If the chfn and chsh
binaries are both setuid-root they eventually call mkostemp in such a way that
an attacker could repeatedly call them and eventually be able to overwrite
certain files in /etc (CVE-2015-5224).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | util-linux | 2.25.2-3.1.mga5 (unaffected), 0 (affected) | — |
Aliases
References
Browse GCVE Records
73,393 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.