Fluid Attacks Database

Description

In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 12	util-linux	>=0 <2.31.1-0.5	2.31.1-0.5
debian 13	bash-completion	=1:2.16.0-7 \|\| =1:2.16.0-8	-
debian 11	bash-completion	=1:2.11-2 \|\| =1:2.11-3 \|\| =1:2.11-3~exp1 \|\| =1:2.11-4 \|\| =1:2.11-5 \|\| =1:2.11-6 \|\| =1:2.11-7 \|\| =1:2.11-8 \|\| =1:2.12.0-1 \|\| =1:2.13.0-1 \|\| =1:2.14.0-1 \|\| =1:2.14.0-2 \|\| =1:2.16.0-1 \|\| =1:2.16.0-2 \|\| =1:2.16.0-3 \|\| =1:2.16.0-4 \|\| =1:2.16.0-5 \|\| =1:2.16.0-6 \|\| =1:2.16.0-7 \|\| =1:2.16.0-8	-
debian 12	bash-completion	=1:2.11-6 \|\| =1:2.11-7 \|\| =1:2.11-8 \|\| =1:2.12.0-1 \|\| =1:2.13.0-1 \|\| =1:2.14.0-1 \|\| =1:2.14.0-2 \|\| =1:2.16.0-1 \|\| =1:2.16.0-2 \|\| =1:2.16.0-3 \|\| =1:2.16.0-4 \|\| =1:2.16.0-5 \|\| =1:2.16.0-6 \|\| =1:2.16.0-7 \|\| =1:2.16.0-8	-
debian 13	util-linux	>=0 <2.31.1-0.5	2.31.1-0.5
debian 14	bash-completion	=1:2.16.0-7 \|\| =1:2.16.0-8	-
debian 11	util-linux	>=0 <2.31.1-0.5	2.31.1-0.5
debian 14	util-linux	>=0 <2.31.1-0.5	2.31.1-0.5

Aliases

1. CVE-2018-77382. NVD-2018-77383. OSV-DEBIAN-2018-77384. OSV-2018-77385. SECURITY-TRACKER-CVE-2018-7738

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.