Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 42: util-linux Critical Buffer Overflow CVE-2025-14104 Advisory

fedora
Calendar Grey December 21, 2025
Dist Fedora Esm H88
Addressed buffer overuse issue in util-linux on Fedora 42 with CVE-2025-14104 for enhanced security and stability.
fix setpwnam() buffer use [CVE-2025-14104] libblkid: use snprintf() instead of sprintf()

Summary

The util-linux package contains a large variety of low-level system

utilities that are necessary for a Linux system to function. Among

others, util-linux contains the fdisk configuration tool and the login

program.

Update Information:

fix setpwnam() buffer use [CVE-2025-14104] libblkid: use snprintf() instead of sprintf()

Topics%20covered

Topics Covered

security advisory fedora buffer overflow important util-linux system utilities

Change Log

* Mon Dec 15 2025 Karel Zak - 2.40.4-8 - fix setpwnam() buffer use [CVE-2025-14104] - libblkid: use snprintf() instead of sprintf()

References


[ 1 ] Bug #2419370 - CVE-2025-14104 util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2419370

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-fc18ab1e37' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: util-linux
Product: Fedora 42
Version: 2.40.4
Release: 8.fc42
URL: https://en.wikipedia.org/wiki/Util-linux
Summary: Collection of basic system utilities

Topics%20covered

Topics Covered

security advisory fedora buffer overflow important util-linux system utilities

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here