CVE-2011-1835

Name of the Vulnerable Software and Affected Versions ecryptfs-utils versions prior to 90 ecryptfs-utils-32bit (affected versions not specified) ecryptfs-utils-gui-75 (affected versions not specified) ecryptfs-utils-devel-75 (affected versions not specified) ecryptfs-utils-75 (affected versions not specified) ecryptfs-utils-82 (affected versions not specified) ecryptfs-utils-devel-82 (affected versions not specified) ecryptfs-utils-debuginfo-82 (affected versions not specified) ecryptfs-utils-x86-61 (affected versions not specified)

Description The issue concerns multiple vulnerabilities in the ecryptfs-utils package, which can lead to a breach of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited locally. The encrypted private-directory setup process in utils/ecryptfs-setup-private does not properly ensure that the passphrase file is created, allowing local users to bypass intended access restrictions.

Recommendations For ecryptfs-utils versions prior to 90, update to version 90 or later to resolve the issue. For ecryptfs-utils-32bit, ecryptfs-utils-gui-75, ecryptfs-utils-devel-75, ecryptfs-utils-75, ecryptfs-utils-82, ecryptfs-utils-devel-82, ecryptfs-utils-debuginfo-82, and ecryptfs-utils-x86-61, at the moment, there is no information about a newer version that contains a fix for this vulnerability.