6.8

CVE-2026-13595

Util-linux: util-linux: heap use-after-free in libblkid nested partition probing

A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent partition additions cause the array to be reallocated, this pointer becomes stale, leading to a heap use-after-free read. An attacker who can present a crafted block device image (for example, via USB insertion or a loop-mounted disk image) can trigger this flaw without user interaction, as libblkid is invoked automatically by udev/udisks as root on block-device hot-plug events. This could lead to limited information disclosure or denial of service.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
RedhatHardened Images Version-
RedhatOpenshift Container Platform Version >= 4.0 <= 4.22.1
RedhatEnterprise Linux Version7.0
RedhatEnterprise Linux Version8.0
RedhatEnterprise Linux Version9.0
RedhatEnterprise Linux Version10.0
KernelUtil-linux Version < 2.42.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.11% 0.016
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.3 1 4.2
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H
secalert@redhat.com 6.8 2.5 4.2
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://bugzilla.redhat.com/show_bug.cgi?id=2494101
Vendor Advisory
Issue Tracking
https://github.com/util-linux/util-linux/commit/c0186f14fbdb02f64c8e0ba701ce727ea764ff4c
Patch
https://access.redhat.com/errata/RHSA-2026:26573
Vendor Advisory
https://access.redhat.com/security/cve/CVE-2026-13595
Vendor Advisory