CVE-2011-1675

2011-04-1002:55:01

CWE-399

[email protected]

web.nvd.nist.gov

CVSS2

3.3

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:P/A:N

AI Score

9.1

Confidence

High

EPSS

Percentile

10.1%

JSON

mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.

Affected configurations

Nvd

Node

linuxutil-linuxRange≤2.19

linuxutil-linuxMatch2.2

linuxutil-linuxMatch2.5

linuxutil-linuxMatch2.7

linuxutil-linuxMatch2.8

linuxutil-linuxMatch2.9

linuxutil-linuxMatch2.10

linuxutil-linuxMatch2.11

linuxutil-linuxMatch2.12

linuxutil-linuxMatch2.12pre

linuxutil-linuxMatch2.13

linuxutil-linuxMatch2.13pre

linuxutil-linuxMatch2.14

linuxutil-linuxMatch2.15

linuxutil-linuxMatch2.16

linuxutil-linuxMatch2.17

linuxutil-linuxMatch2.18

VendorProductVersionCPE
linuxutil-linux*cpe:2.3:a:linux:util-linux:*:*:*:*:*:*:*:*
linuxutil-linux2.2cpe:2.3:a:linux:util-linux:2.2:*:*:*:*:*:*:*
linuxutil-linux2.5cpe:2.3:a:linux:util-linux:2.5:*:*:*:*:*:*:*
linuxutil-linux2.7cpe:2.3:a:linux:util-linux:2.7:*:*:*:*:*:*:*
linuxutil-linux2.8cpe:2.3:a:linux:util-linux:2.8:*:*:*:*:*:*:*
linuxutil-linux2.9cpe:2.3:a:linux:util-linux:2.9:*:*:*:*:*:*:*
linuxutil-linux2.10cpe:2.3:a:linux:util-linux:2.10:*:*:*:*:*:*:*
linuxutil-linux2.11cpe:2.3:a:linux:util-linux:2.11:*:*:*:*:*:*:*
linuxutil-linux2.12cpe:2.3:a:linux:util-linux:2.12:*:*:*:*:*:*:*
linuxutil-linux2.12cpe:2.3:a:linux:util-linux:2.12:pre:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	util-linux	*	cpe:2.3:a:linux:util-linux::::::::
linux	util-linux	2.2	cpe:2.3:a:linux:util-linux:2.2:::::::*
linux	util-linux	2.5	cpe:2.3:a:linux:util-linux:2.5:::::::*
linux	util-linux	2.7	cpe:2.3:a:linux:util-linux:2.7:::::::*
linux	util-linux	2.8	cpe:2.3:a:linux:util-linux:2.8:::::::*
linux	util-linux	2.9	cpe:2.3:a:linux:util-linux:2.9:::::::*
linux	util-linux	2.10	cpe:2.3:a:linux:util-linux:2.10:::::::*
linux	util-linux	2.11	cpe:2.3:a:linux:util-linux:2.11:::::::*
linux	util-linux	2.12	cpe:2.3:a:linux:util-linux:2.12:::::::*
linux	util-linux	2.12	cpe:2.3:a:linux:util-linux:2.12:pre::::::