FEDORA-2022-9d02441b24 created by kzak 4 months ago for Fedora 35
stable

Security bugs in libmount, CVE-2021-3996 and CVE-2021-3995.

How to install

sudo dnf upgrade --advisory=FEDORA-2022-9d02441b24

This update has been submitted for testing by kzak.

4 months ago

This update's test gating status has been changed to 'waiting'.

4 months ago

kzak edited this update.

4 months ago

This update's test gating status has been changed to 'failed'.

4 months ago

This update's test gating status has been changed to 'passed'.

4 months ago

This update has been pushed to testing.

4 months ago
User Icon bojan commented & provided feedback 4 months ago
karma

Works.

User Icon norenh commented & provided feedback 4 months ago
karma

No regressions detected

This update can be pushed to stable now if the maintainer wishes

4 months ago
User Icon ibims provided feedback 4 months ago
karma

This update has been submitted for stable by bodhi.

4 months ago
User Icon andilinux commented & provided feedback 4 months ago
karma

works

User Icon besser82 commented & provided feedback 4 months ago
karma

Works great! LGTM! =)

FEDORA-2022-9d02441b24 ejected from the push because "Cannot find relevant tag for util-linux-2.37.3-1.fc35. None of ['f35-updates', 'f35-updates-pending'] are in ['epel9-next-testing', 'epel7-testing', 'dist-5E-epel-testing', 'f27-modular-updates-testing', 'f34-container-updates-testing', 'eln-updates-testing', 'f30-modular-updates-testing', 'f28-modular-updates-testing', 'f28-container-updates-testing', 'f30-container-updates-testing', 'epel8-testing', 'f30-flatpak-updates-testing', 'f35-container-updates-testing', 'f32-modular-updates-testing', 'f29-modular-updates-testing', 'f29-container-updates-testing', 'f29-flatpak-updates-testing', 'f22-updates-testing', 'f21-updates-testing', 'f25-updates-testing', 'f24-updates-testing', 'f23-updates-testing', 'f26-updates-testing', 'f31-modular-updates-testing', 'dist-6E-epel-testing', 'f32-flatpak-updates-testing', 'f35-flatpak-updates-testing', 'f27-updates-testing', 'f28-updates-testing', 'f30-updates-testing', 'f29-updates-testing', 'epel8-modular-updates-testing', 'f32-updates-testing', 'epel9-testing', 'f31-updates-testing', 'f31-container-updates-testing', 'f31-flatpak-updates-testing', 'f34-updates-testing', 'f34-modular-updates-testing', 'f34-flatpak-updates-testing', 'f36-container-updates-testing', 'f32-container-updates-testing', 'epel8-next-testing', 'f35-updates-testing', 'f35-modular-updates-testing', 'f33-updates-testing', 'f36-updates-testing', 'f33-modular-updates-testing', 'f33-container-updates-testing', 'f33-flatpak-updates-testing']."

4 months ago
karma
BZ#2024628 CVE-2021-3996 util-linux: Unauthorized unmount of filesystems in libmount
BZ#2024631 CVE-2021-3995 util-linux: Unauthorized unmount of FUSE filesystems belonging to users with similar uid
BZ#2044306 CVE-2021-3995 util-linux: Unauthorized unmount of FUSE filesystems belonging to users with similar uid [fedora-all]
BZ#2044307 CVE-2021-3996 util-linux: Unauthorized unmount of filesystems in libmount [fedora-all]

This update has been submitted for stable by bodhi.

4 months ago

FEDORA-2022-9d02441b24 ejected from the push because "Cannot find relevant tag for util-linux-2.37.3-1.fc35. None of ['coreos-pool', 'f35-updates', 'f35-updates-pending'] are in ['epel9-next-testing', 'epel7-testing', 'dist-5E-epel-testing', 'f27-modular-updates-testing', 'f34-container-updates-testing', 'eln-updates-testing', 'f30-modular-updates-testing', 'f28-modular-updates-testing', 'f28-container-updates-testing', 'f30-container-updates-testing', 'epel8-testing', 'f30-flatpak-updates-testing', 'f35-container-updates-testing', 'f32-modular-updates-testing', 'f29-modular-updates-testing', 'f29-container-updates-testing', 'f29-flatpak-updates-testing', 'f22-updates-testing', 'f21-updates-testing', 'f25-updates-testing', 'f24-updates-testing', 'f23-updates-testing', 'f26-updates-testing', 'f31-modular-updates-testing', 'dist-6E-epel-testing', 'f32-flatpak-updates-testing', 'f35-flatpak-updates-testing', 'f27-updates-testing', 'f28-updates-testing', 'f30-updates-testing', 'f29-updates-testing', 'epel8-modular-updates-testing', 'f32-updates-testing', 'epel9-testing', 'f31-updates-testing', 'f31-container-updates-testing', 'f31-flatpak-updates-testing', 'f34-updates-testing', 'f34-modular-updates-testing', 'f34-flatpak-updates-testing', 'f36-container-updates-testing', 'f32-container-updates-testing', 'epel8-next-testing', 'f35-updates-testing', 'f35-modular-updates-testing', 'f33-updates-testing', 'f36-updates-testing', 'f33-modular-updates-testing', 'f33-container-updates-testing', 'f33-flatpak-updates-testing']."

4 months ago
User Icon ankursinha commented & provided feedback 4 months ago
karma

nothing weird noted

This update has been submitted for stable by bodhi.

4 months ago

FEDORA-2022-9d02441b24 ejected from the push because "Cannot find relevant tag for util-linux-2.37.3-1.fc35. None of ['coreos-pool', 'f35-updates', 'f35-updates-pending'] are in ['epel9-next-testing', 'epel7-testing', 'dist-5E-epel-testing', 'f27-modular-updates-testing', 'f34-container-updates-testing', 'eln-updates-testing', 'f30-modular-updates-testing', 'f28-modular-updates-testing', 'f28-container-updates-testing', 'f30-container-updates-testing', 'epel8-testing', 'f30-flatpak-updates-testing', 'f35-container-updates-testing', 'f32-modular-updates-testing', 'f29-modular-updates-testing', 'f29-container-updates-testing', 'f29-flatpak-updates-testing', 'f22-updates-testing', 'f21-updates-testing', 'f25-updates-testing', 'f24-updates-testing', 'f23-updates-testing', 'f26-updates-testing', 'f31-modular-updates-testing', 'dist-6E-epel-testing', 'f32-flatpak-updates-testing', 'f35-flatpak-updates-testing', 'f27-updates-testing', 'f28-updates-testing', 'f30-updates-testing', 'f29-updates-testing', 'epel8-modular-updates-testing', 'f32-updates-testing', 'epel9-testing', 'f31-updates-testing', 'f31-container-updates-testing', 'f31-flatpak-updates-testing', 'f34-updates-testing', 'f34-modular-updates-testing', 'f34-flatpak-updates-testing', 'f36-container-updates-testing', 'f32-container-updates-testing', 'epel8-next-testing', 'f35-updates-testing', 'f35-modular-updates-testing', 'f33-updates-testing', 'f36-updates-testing', 'f33-modular-updates-testing', 'f33-container-updates-testing', 'f33-flatpak-updates-testing']."

4 months ago

no issues

User Icon ibims commented & provided feedback 3 months ago

Please push it to stable.

This update has been submitted for stable by humaton.

3 months ago

This update has been pushed to stable.

3 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
7
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
4 months ago
in testing
4 months ago
in stable
3 months ago
modified
4 months ago
BZ#2024628 CVE-2021-3996 util-linux: Unauthorized unmount of filesystems in libmount
0
1
BZ#2024631 CVE-2021-3995 util-linux: Unauthorized unmount of FUSE filesystems belonging to users with similar uid
0
1
BZ#2044306 CVE-2021-3995 util-linux: Unauthorized unmount of FUSE filesystems belonging to users with similar uid [fedora-all]
0
1
BZ#2044307 CVE-2021-3996 util-linux: Unauthorized unmount of filesystems in libmount [fedora-all]
0
1

Automated Test Results