AOSA-2017-0029: Update Util-Linux
March 4, 2017
Please update your
util-linux package to version
A recently released update to Util-Linux has address a security vulnerability, assigned with CVE-2017-2616.
It is possible for any local user to send
SIGKILL to other processes with root privileges. To exploit this, the user must be able to perform su with a successful login.
SIGKILL can only be sent to processes which were executed after the su process. It is not possible to send
SIGKILL to processes which were already running.