Security Advisory

CVE-2025-14104

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-05 16:22:09
Last updated 2026-06-29 23:29:45
Assigner redhat
State PUBLISHED

Description

A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.