PT-2011-5200 · Canonical+1 · Ecryptfs-Utils+1

Dan Rosenberg

Published

1970-01-01

Updated

2024-06-15

CVE-2011-1831

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions ecryptfs-utils versions prior to 90

Description The issue allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call. This can lead to a violation of confidentiality, integrity, and availability of protected information. The exploitation of the issue can be carried out locally.

Recommendations As a temporary workaround, consider restricting access to the mount system call until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

BDU:2015-02608

BDU:2015-04437

BDU:2015-04438

BDU:2015-04439

BDU:2015-05975

BDU:2015-05976

BDU:2015-05977

BDU:2015-05978

BDU:2015-05979

BDU:2015-05980

BDU:2015-08749

BDU:2015-08750

BDU:2015-08751

BDU:2015-08752

BDU:2015-08753

BDU:2015-08754

CVE-2011-1831

DSA-2382-1

OPENSUSE-SU-2024:10118-1

RHSA-2011:1241

RHSA-2011_1241

Affected Products

Red Hat

Ecryptfs-Utils

PT-2011-5200 · Canonical+1 · Ecryptfs-Utils+1

CVE-2011-1831

Weakness Enumeration

Related Identifiers

Affected Products

References · 45