2 matches found
SUSE CVE-2011-3145
When mount.ecrpytfsprivate before version 87-0ubuntu1.2 calls setreuid it doesn't also set the effective group id. So when it creates the new version, mtab.tmp, it's created with the group id of the user running mount.ecryptfsprivate...
eCryptfs-utils mount.ecryptfs_private.c Elevation of Privilege Vulnerability
eCryptfs is an enterprise-class encrypted file system for the Linux platform. In eCryptfs-utils, mount.ecryptfsprivate.c is not verified to load the target filesystem type, and local users can get elevated privileges by loading through a non-standard filesystem...