Zero Day Monitor (ZDM)
CVSS: 3.7
CVE-2026-3184
red hat · red hat enterprise linux

Util-linux: util-linux: access control bypass due to improper hostname canonicalization

Description

A flaw was found in util-linux. Improper hostname canonicalization in the `login(1)` utility, when invoked with the `-h` option, can modify the supplied remote hostname before setting `PAM_RHOST`. A remote attacker could exploit this by providing a specially crafted hostname, potentially bypassing host-based Pluggable Authentication Modules (PAM) access control rules that rely on fully qualified domain names. This could lead to unauthorized access.

Affected Products

Vendor | Product | Versions
red hat | red hat enterprise linux | —

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor / Product | Source | Confidence
open source open source util-linux | cert_advisory | 90%
sususe opensuse | cert_advisory | 90%
sususe linux | cert_advisory | 90%

References

  • https://access.redhat.com/security/cve/CVE-2026-3184 (vdb-entry, x_refsource_REDHAT)
  • https://bugzilla.redhat.com/show_bug.cgi?id=2442570 (issue-tracking, x_refsource_REDHAT)

Related News (2 articles)

Tier B · BSI Advisories · 1h ago
[UPDATE] [low] util-linux: Vulnerability allows bypassing security measures
→ No new info (linked only)

Tier A · Microsoft MSRC · 4h ago
CVE-2026-3184 Util-linux: util-linux: access control bypass due to improper hostname canonicalization
→ No new info (linked only)

CVSS 3.1: 3.7 NONE
CISA KEV: No
Actively exploited: No
CWE: CWE-289
Published: Apr 3, 2026
Last enriched: 3d ago
Trending Score: 31
Source articles: 2
Independent: 2
Info Completeness: 0/14
Missing: cve_id, title, description, vendor, product, versions, cvss, epss, cwe, kev, exploit, patch, iocs, mitre_attack

Related CVEs (5)

  • HIGH · CVE-2026-4634 · EXP · Trending: 69
    Keycloak: keycloak: denial of service via excessive processing of openid connect scope parameters
  • HIGH · CVE-2026-4636 · EXP · Trending: 66
    Keycloak: keycloak: uma policy bypass allows authenticated users to gain unauthorized access to victim-owned resources.
  • HIGH · CVE-2026-3872 · EXP · Trending: 64
    Keycloak: keycloak: information disclosure due to redirect_uri validation bypass
  • HIGH · CVE-2026-4282 · EXP · Trending: 64
    Keycloak: keycloak: privilege escalation via forged authorization codes due to singleuseobjectprovider isolation flaw
  • MEDIUM · CVE-2026-4325 · Trending: 35
    Keycloak: keycloak: replay of action tokens via improper handling of single-use entries

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published: Apr 3, 2026
Discovered by ZDM: Apr 3, 2026