CVE-2007-5191

N/A Unknown
Published: October 04, 2007 Modified: April 23, 2026
View on NVD

Description

mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://bugs.gentoo.org/show_bug.cgi?id=195390
Source: secalert@redhat.com
Issue Tracking Third Party Advisory
http://frontal2.mandriva.com/en/security/advisories?name=MDKSA-2007:198
Source: secalert@redhat.com
Third Party Advisory
http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=commit%3Bh=ebbeb2c7ac1b00b6083905957837a271e80b187e
Source: secalert@redhat.com
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html
Source: secalert@redhat.com
Mailing List Third Party Advisory
http://lists.vmware.com/pipermail/security-announce/2008/000002.html
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/27104
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/27122
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/27145
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/27188
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/27283
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/27354
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/27399
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/27687
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/28348
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/28349
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/28368
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/28469
Source: secalert@redhat.com
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200710-18.xml
Source: secalert@redhat.com
Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2008-023.htm
Source: secalert@redhat.com
Third Party Advisory
http://www.debian.org/security/2008/dsa-1449
Source: secalert@redhat.com
Third Party Advisory
http://www.debian.org/security/2008/dsa-1450
Source: secalert@redhat.com
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0969.html
Source: secalert@redhat.com
Third Party Advisory
http://www.securityfocus.com/archive/1/485936/100/0/threaded
Source: secalert@redhat.com
Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/486859/100/0/threaded
Source: secalert@redhat.com
Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/25973
Source: secalert@redhat.com
Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1018782
Source: secalert@redhat.com
Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-533-1
Source: secalert@redhat.com
Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2008-0001.html
Source: secalert@redhat.com
Third Party Advisory
http://www.vupen.com/english/advisories/2007/3417
Source: secalert@redhat.com
Third Party Advisory
http://www.vupen.com/english/advisories/2008/0064
Source: secalert@redhat.com
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=320041
Source: secalert@redhat.com
Issue Tracking Third Party Advisory
https://issues.rpath.com/browse/RPL-1757
Source: secalert@redhat.com
Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10101
Source: secalert@redhat.com
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00144.html
Source: secalert@redhat.com
Third Party Advisory
http://bugs.gentoo.org/show_bug.cgi?id=195390
Source: af854a3a-2127-422b-91ae-364da2661108
Issue Tracking Third Party Advisory
http://frontal2.mandriva.com/en/security/advisories?name=MDKSA-2007:198
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=commit%3Bh=ebbeb2c7ac1b00b6083905957837a271e80b187e
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.vmware.com/pipermail/security-announce/2008/000002.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/27104
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/27122
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/27145
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/27188
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/27283
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/27354
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/27399
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/27687
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/28348
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/28349
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/28368
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/28469
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200710-18.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2008-023.htm
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2008/dsa-1449
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2008/dsa-1450
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0969.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.securityfocus.com/archive/1/485936/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/486859/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/25973
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1018782
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-533-1
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2008-0001.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2007/3417
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2008/0064
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=320041
Source: af854a3a-2127-422b-91ae-364da2661108
Issue Tracking Third Party Advisory
https://issues.rpath.com/browse/RPL-1757
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10101
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00144.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

68 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.4%
35th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-252

Affected Vendors

fedoraproject debian loop-aes-utils_project kernel canonical

Related CVEs

CVE-2026-40941 N/A
CVE-2026-40084 6.5
CVE-2026-40083 7.2
CVE-2026-40082 5.4
CVE-2026-40080 6.1