PT-2011-1206 · Linux+1 · Util-Linux+1

Dan Rosenberg · Published 2011-04-10 · Updated 2018-01-10 · CVE-2011-1675

CVSS v2.0: 4.6 (Medium)
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

util-linux versions prior to 2.22.2

Description

The issue concerns multiple vulnerabilities in the util-linux package that can be exploited locally, potentially leading to breaches of confidentiality, integrity, and availability of protected information. A specific problem in util-linux versions 2.19 and earlier involves the mount function attempting to append to the /etc/mtab.tmp file without checking for resource limits, which can lead to corruption of the /etc/mtab file if a user triggers the issue with a process that has a small RLIMIT_FSIZE value.

Recommendations

For util-linux versions prior to 2.22.2, update to version 2.22.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the mount function to minimize the risk of exploitation.
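
The failure mode in the description, shown as a defensive pattern in an added example (not util-linux code and not the project's actual fix): a table file is rewritten through a temporary file, and the temporary file replaces the original only if every write completed, so a small RLIMIT_FSIZE cannot leave a truncated table in place. The function names, the sample table line and the temporary directory are assumptions made for the demonstration.

```c
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/resource.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>

#define ORIG "/dev/sda1 / ext4 rw 0 0\n" /* constructed table; not util-linux code */

/* Copy table to tmp, append entry, rename only if every byte was written. */
static int update_table(const char *table, const char *tmp, const char *entry)
{
    char buf[4096];
    ssize_t n = -1, len = (ssize_t)strlen(entry);
    int in = open(table, O_RDONLY);
    int out = open(tmp, O_WRONLY | O_CREAT | O_EXCL, 0644);
    int ok = in >= 0 && out >= 0;

    signal(SIGXFSZ, SIG_IGN);   /* over-limit write returns EFBIG, no kill */
    while (ok && (n = read(in, buf, sizeof buf)) > 0)
        ok = write(out, buf, (size_t)n) == n;   /* short write = failure */
    ok = ok && n == 0 && write(out, entry, (size_t)len) == len && fsync(out) == 0;
    if (in >= 0) close(in);
    if (out >= 0 && close(out) != 0) ok = 0;
    if (ok && rename(tmp, table) == 0) return 0;
    if (out >= 0) unlink(tmp);  /* never install a truncated table */
    return -1;
}

/* Demo harness: run the update in a child limited to `limit` bytes per file
 * and return the table's size afterwards (-1 on setup error). */
static long table_size_after(rlim_t limit, const char *entry)
{
    char dir[] = "/tmp/mtabXXXXXX", table[64], tmp[64];
    struct rlimit rl = { limit, limit };
    struct stat st;
    FILE *f;
    if (!mkdtemp(dir)) return -1;
    snprintf(table, sizeof table, "%s/mtab", dir);
    snprintf(tmp, sizeof tmp, "%s/mtab.tmp", dir);
    if (!(f = fopen(table, "w")) || fputs(ORIG, f) < 0 || fclose(f) != 0) return -1;
    if (fork() == 0)    /* child: apply the limit, then attempt the update */
        _exit(setrlimit(RLIMIT_FSIZE, &rl) || update_table(table, tmp, entry));
    wait(NULL);
    if (stat(table, &st) != 0) st.st_size = -1;
    unlink(table); unlink(tmp); rmdir(dir);
    return (long)st.st_size;
}
```

With a limit smaller than the rewritten table, the original table keeps its size and content; with a generous limit, the new entry is appended.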


Weakness Enumeration

Related Identifiers

BDU:2015-09701
CVE-2011-1675
RHSA-2011:1691
RHSA-2011_1691
RHSA-2012:0307
RHSA-2012_0307

Affected Products

Red Hat
Util-Linux