CVE-2011-1833

Name of the Vulnerable Software and Affected Versions ecryptfs-utils versions prior to the fixed version ext4dev-kmp-trace versions prior to the fixed version

Description The issue concerns multiple vulnerabilities in the ecryptfs-utils and ext4dev-kmp-trace packages of the SUSE Linux Enterprise operating system. These vulnerabilities can be exploited locally and may lead to a breach of confidentiality, integrity, and availability of protected information. A race condition in the ecryptfs mount function allows local users to bypass intended file permissions. The vulnerabilities can be exploited to disrupt the availability of protected information.

Recommendations For ecryptfs-utils, update to a version that includes the fix for the vulnerabilities. For ext4dev-kmp-trace, update to a version that includes the fix for the vulnerabilities. As a temporary workaround, consider restricting access to the ecryptfs mount function until a patch is available. Avoid using the ecryptfs-utils and ext4dev-kmp-trace packages until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.