CVE-2026-3184

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions util-linux (affected versions not specified)

Description An access control bypass exists due to improper hostname canonicalization. This issue affects the 'login -h' command and can lead to incorrect access control. The fix ensures correct access control by properly handling full hostname usage for PAM.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-289

Related Identifiers

CVE-2026-3184

ECHO-783B-C2AC-C763

OESA-2026-1532

OESA-2026-1533

OESA-2026-1534

OESA-2026-1535

OESA-2026-1635

OESA-2026-1636

OPENSUSE-SU-2026:10288-1

OPENSUSE-SU-2026:20495-1

RHSA-2026:7180

SUSE-SU-2026:0803-1

SUSE-SU-2026:0856-1

SUSE-SU-2026:0857-1

SUSE-SU-2026:0982-1

SUSE-SU-2026:0987-1

SUSE-SU-2026:1370-1

SUSE-SU-2026:1406-1

SUSE-SU-2026:20664-1

SUSE-SU-2026:20714-1

SUSE-SU-2026:21016-1

SUSE-SU-2026:21158-1

Affected Products

Util-Linux

CVE-2026-3184

Weakness Enumeration

Related Identifiers

Affected Products

References · 58