CNNVD-202512-672 Information

CNNVD ID

CNNVD-202512-672

Related CVE

CVE-2025-14104

• CNNVD Published: 2025-12-05

Description (Chinese)

util-linux是util-linux开源的一个软件包。 util-linux存在缓冲区错误漏洞，该漏洞源于处理256字节用户名时的堆缓冲区过度读取，可能导致SUID登录工具的安全问题。

Description (English)

util-linux is a software package from the open source of util-linux. The util-linux has a buffer zone error loophole, which stems from overreading of the buffer zone during the processing of 256 byte user names, which may lead to the security of the SUD login tool.

Hazard Level

High

Vulnerability Type

缓冲区错误

Affected Vendor

util-linux

Published

2025-12-05

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/CVE-2025-14104 https://bugzilla.redhat.com/show_bug.cgi?id=2419369