PT-2011-5202 · Canonical+1 · Ecryptfs-Utils+1

Dan Rosenberg

Published

1970-01-01

Updated

2024-06-15

CVE-2011-1834

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions ecryptfs-utils versions prior to 90

Description The issue concerns multiple vulnerabilities in the ecryptfs-utils package, which can lead to disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited locally, allowing attackers to cause a denial of service or bypass unmounting restrictions. The utils/mount.ecryptfs private.c file in ecryptfs-utils does not properly maintain the mtab file during error conditions, enabling local users to corrupt tables or bypass intended unmounting restrictions via a umount system call.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

BDU:2015-02608

BDU:2015-04437

BDU:2015-04438

BDU:2015-04439

BDU:2015-05975

BDU:2015-05976

BDU:2015-05977

BDU:2015-05978

BDU:2015-05979

BDU:2015-05980

BDU:2015-08749

BDU:2015-08750

BDU:2015-08751

BDU:2015-08752

BDU:2015-08753

BDU:2015-08754

CVE-2011-1834

DSA-2382-1

OPENSUSE-SU-2024:10118-1

RHSA-2011:1241

RHSA-2011_1241

Affected Products

Red Hat

Ecryptfs-Utils

PT-2011-5202 · Canonical+1 · Ecryptfs-Utils+1

CVE-2011-1834

Weakness Enumeration

Related Identifiers

Affected Products

References · 45