Skip to navigation

Security Advisory Low: util-linux security, bug fix, and enhancement update

Advisory: RHSA-2012:0307-3
Type: Security Advisory
Severity: Low
Issued on: 2012-02-21
Last updated on: 2012-02-21
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
CVEs (cve.mitre.org): CVE-2011-1675
CVE-2011-1677

Details

An updated util-linux package that fixes multiple security issues, various
bugs, and adds two enhancements is now available for Red Hat
Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having low
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

The util-linux package contains a large variety of low-level system
utilities that are necessary for a Linux system to function. Among others,
util-linux contains the fdisk configuration tool and the login program.

Multiple flaws were found in the way the mount and umount commands
performed mtab (mounted file systems table) file updates. A local,
unprivileged user allowed to mount or unmount file systems could use these
flaws to corrupt the mtab file and create a stale lock file, preventing
other users from mounting and unmounting file systems. (CVE-2011-1675,
CVE-2011-1677)

This update also fixes the following bugs:

* When the user logged into a telnet server, the login utility did not
update the utmp database properly if the utility was executed from the
telnetd daemon. This was due to telnetd not creating an appropriate entry
in a utmp file before executing login. With this update, correct entries
are created and the database is updated properly. (BZ#646300)

* Various options were not described on the blockdev(8) manual page. With
this update, the blockdev(8) manual page includes all the relevant options.
(BZ#650937)

* Prior to this update, the build process of the util-linux package failed
in the po directory with the following error message: "@MKINSTALLDIRS@:
No such file or directory". An upstream patch has been applied to address
this issue, and the util-linux package now builds successfully. (BZ#677452)

* Previously, the ipcs(1) and ipcrm(1) manual pages mentioned an invalid
option, "-b". With this update, only valid options are listed on those
manual pages. (BZ#678407)

* Previously, the mount(8) manual page contained incomplete information
about the ext4 and XFS file systems. With this update, the mount(8) manual
page contains the missing information. (BZ#699639)

In addition, this update adds the following enhancements:

* Previously, if DOS mode was enabled on a device, the fdisk utility could
report error messages similar to the following:

Partition 1 has different physical/logical beginnings (non-Linux?):
phys=(0, 1, 1) logical=(0, 2, 7)

This update enables users to switch off DOS compatible mode (by specifying
the "-c" option), and such error messages are no longer displayed.
(BZ#678430)

* This update adds the "fsfreeze" command which halts access to a file
system on a disk. (BZ#726572)

All users of util-linux are advised to upgrade to this updated package,
which contains backported patches to correct these issues and add these
enhancements.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
util-linux-2.13-0.59.el5.src.rpm
File outdated by:  RHBA-2012:1437
    MD5: bd3dce8e91dcb125e482572c7608f148
SHA-256: d84aa5d4d5867a2f971bb448b4837e591117b6fb03fc4a9c14a68749ef6a1186
 
IA-32:
util-linux-2.13-0.59.el5.i386.rpm
File outdated by:  RHBA-2012:1437
    MD5: 12f7cba84e46edfefd7227d9834ab3f2
SHA-256: d81e0856fe6a02feeb22ab9d6ec9ee96a5c1cf20a5964cfa21fdb6cc180c2181
util-linux-debuginfo-2.13-0.59.el5.i386.rpm
File outdated by:  RHBA-2012:1437
    MD5: 0541d0375717abcc6444b6907d4597fb
SHA-256: 51ec08d3bba87c676f3a1909d6821dd0d15c48baf6a796ece9bb3be90c05005a
 
IA-64:
util-linux-2.13-0.59.el5.ia64.rpm
File outdated by:  RHBA-2012:1437
    MD5: 393ff64e23088c18dcb022ab9ba30dfb
SHA-256: 421d0c44a36c6093dbc2521d7873d7274a8d4036bd1b57bbea907965460ec26e
util-linux-debuginfo-2.13-0.59.el5.ia64.rpm
File outdated by:  RHBA-2012:1437
    MD5: 5d72ab654f326ca884217940a21dc9ee
SHA-256: 97d540ffbc75ab805f626c4b8b92dc168bfdb91aaad3a1961f29dc666c34f60c
 
PPC:
util-linux-2.13-0.59.el5.ppc.rpm
File outdated by:  RHBA-2012:1437
    MD5: 92fa9eb12d0e34b41218b45c49392881
SHA-256: d00eab5acc9dde75faf3f297166b50ef819ff4a88a6133c46ada15513447af2e
util-linux-debuginfo-2.13-0.59.el5.ppc.rpm
File outdated by:  RHBA-2012:1437
    MD5: 06a8b15ac3ed9e261287215460da6bb6
SHA-256: e142b31c18dd1ff9c7d51b2c6534699f5db647403b48b45b339af371d87c5d8b
 
s390x:
util-linux-2.13-0.59.el5.s390x.rpm
File outdated by:  RHBA-2012:1437
    MD5: fe802d05c997c5b982aa813f3df33ea3
SHA-256: 395c11d542a822d76bc938b281f2b95833eef04191ca4a233a3fcc315bbbe892
util-linux-debuginfo-2.13-0.59.el5.s390x.rpm
File outdated by:  RHBA-2012:1437
    MD5: ecdbb161674602d34c9c7437b69e6d5e
SHA-256: 3e0a90f4e4c009a2714742316d0f835c589e70011872fee7e13925922de988a2
 
x86_64:
util-linux-2.13-0.59.el5.x86_64.rpm
File outdated by:  RHBA-2012:1437
    MD5: d6db25c37e584a180b9f5d50225cec98
SHA-256: 2e1a4f7bcac97c0365b6dd4fd1c3be60bc1a4540b680f5b44aff73c04850d246
util-linux-debuginfo-2.13-0.59.el5.x86_64.rpm
File outdated by:  RHBA-2012:1437
    MD5: fc535a8c67099c61b5007594f7a5b05e
SHA-256: 6e0cd866bdbfa2accca474bcb9f10c532fa3bf2a83e917d3f0e1eed6ce1b2807
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
util-linux-2.13-0.59.el5.src.rpm
File outdated by:  RHBA-2012:1437
    MD5: bd3dce8e91dcb125e482572c7608f148
SHA-256: d84aa5d4d5867a2f971bb448b4837e591117b6fb03fc4a9c14a68749ef6a1186
 
IA-32:
util-linux-2.13-0.59.el5.i386.rpm
File outdated by:  RHBA-2012:1437
    MD5: 12f7cba84e46edfefd7227d9834ab3f2
SHA-256: d81e0856fe6a02feeb22ab9d6ec9ee96a5c1cf20a5964cfa21fdb6cc180c2181
util-linux-debuginfo-2.13-0.59.el5.i386.rpm
File outdated by:  RHBA-2012:1437
    MD5: 0541d0375717abcc6444b6907d4597fb
SHA-256: 51ec08d3bba87c676f3a1909d6821dd0d15c48baf6a796ece9bb3be90c05005a
 
x86_64:
util-linux-2.13-0.59.el5.x86_64.rpm
File outdated by:  RHBA-2012:1437
    MD5: d6db25c37e584a180b9f5d50225cec98
SHA-256: 2e1a4f7bcac97c0365b6dd4fd1c3be60bc1a4540b680f5b44aff73c04850d246
util-linux-debuginfo-2.13-0.59.el5.x86_64.rpm
File outdated by:  RHBA-2012:1437
    MD5: fc535a8c67099c61b5007594f7a5b05e
SHA-256: 6e0cd866bdbfa2accca474bcb9f10c532fa3bf2a83e917d3f0e1eed6ce1b2807
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

646300 - login doesn't update /var/run/utmp properly
650937 - blockdev man page missing information
677452 - util-linux fails to build with gettext-0.17
678407 - [RHEL 5] ipcs and ipcrm in wrong man section
695916 - CVE-2011-1675 util-linux: mount fails to anticipate RLIMIT_FSIZE
695924 - CVE-2011-1677 util-linux: umount may fail to remove /etc/mtab~ lock file
699639 - mount man page is missing support for ext4/xfs


References


Keywords

blockdev, fdisk, fsfreeze, ipc


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/