Lucene search

K
cvelistMitreCVELIST:CVE-2011-3145
HistoryAug 23, 2011 - 12:00 a.m.

CVE-2011-3145 mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group

2011-08-2300:00:00
mitre
www.cve.org
3

CVSS3

3.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L

AI Score

9.4

Confidence

High

EPSS

0.002

Percentile

59.9%

When mount.ecrpytfs_private before version 87-0ubuntu1.2 calls setreuid() it doesn’t also set the effective group id. So when it creates the new version, mtab.tmp, it’s created with the group id of the user running mount.ecryptfs_private.

CVSS3

3.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L

AI Score

9.4

Confidence

High

EPSS

0.002

Percentile

59.9%