[USN-1188-1] eCryptfs vulnerabilities
eCryptfs could be tricked into mounting and unmounting arbitrary locations, and possibly disclose confidential information.
Vasiliy Kulikov and Dan Rosenberg discovered that eCryptfs incorrectly
validated permissions on the requested mountpoint. A local attacker could
use this flaw to mount to arbitrary locations, leading to privilege
escalation. (CVE-2011-1831)
Vasiliy Kulikov and Dan Rosenberg discovered that eCryptfs incorrectly
validated permissions on the requested mountpoint. A local attacker could
use this flaw to unmount to arbitrary locations, leading to a denial of
service. (CVE-2011-1832)
Vasiliy Kulikov and Dan Rosenberg discovered that eCryptfs incorrectly
validated permissions on the requested source directory. A local attacker
could use this flaw to mount an arbitrary directory, possibly leading to
information disclosure. A pending kernel update will provide the other
half of the fix for this issue. (CVE-2011-1833)
Dan Rosenberg and Marc Deslauriers discovered that eCryptfs incorrectly
handled modifications to the mtab file when an error occurs. A local
attacker could use this flaw to corrupt the mtab file, and possibly unmount
arbitrary locations, leading to a denial of service. (CVE-2011-1834)
Marc Deslauriers discovered that eCryptfs incorrectly handled keys when
setting up an encrypted private directory. A local attacker could use this
flaw to manipulate keys during creation of a new user. (CVE-2011-1835)
Marc Deslauriers discovered that eCryptfs incorrectly handled permissions
during recovery. A local attacker could use this flaw to possibly access
another user's data during the recovery process. This issue only applied to
Ubuntu 11.04. (CVE-2011-1836)
Vasiliy Kulikov discovered that eCryptfs incorrectly handled lock counters.
A local attacker could use this flaw to possibly overwrite arbitrary files.
The default symlink restrictions in Ubuntu 10.10 and 11.04 should protect
against this issue. (CVE-2011-1837)
- ID
- USN-1188-1
- Severity
- medium
- Severity from
- CVE-2011-1831
- URL
- https://ubuntu.com/security/notices/USN-1188-1
- Published
-
2011-08-09T17:26:39
(13 years ago) - Modified
-
2011-08-09T17:26:39
(13 years ago) - Other Advisories
-
-
ALAS-2011-16
-
ELSA-2011-1241
-
ELSA-2011-1350
-
ELSA-2011-1386
-
ELSA-2011-2029
-
FEDORA-2011-10671
-
FEDORA-2011-10718
-
FEDORA-2011-10733
-
FEDORA-2011-11936
-
FEDORA-2011-11979
-
FEDORA-2011-12874
-
FEDORA-2011-14747
-
FEDORA-2011-15241
-
FEDORA-2011-16346
-
RHSA-2011:1241
-
RHSA-2011:1350
-
SUSE-SU-2015:0652-1
-
USN-1202-1
-
USN-1204-1
-
USN-1211-1
-
USN-1212-1
-
USN-1219-1
-
USN-1227-1
-
USN-1239-1
-
USN-1240-1
-
USN-1245-1
-
USN-1253-1
-
USN-1256-1
-
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |