11 matches found
CVE-2011-1831
CVE-2011-1831 affects the ecryptfs-utils package (mount.ecryptfs_private) prior to version 90. The vulnerability arises from a race in checking the mountpoint permissions during mount, allowing a local attacker to effectively replace a target directory with a new filesystem and gain privileges th...
CVE-2016-1572
CVE-2016-1572 concerns a flaw in mount.ecryptfs_private.c (ecryptfs-utils) where mount destination filesystem types are not validated, enabling a local user to gain privileges by mounting over a nonstandard filesystem (example: /proc/$pid). The vulnerability has been discussed in multiple advisor...
CVE-2012-3409
The vulnerability CVE-2012-3409 affects ecryptfs-utils: the suid helper does not restrict mounting filesystems with nosuid,nodev, enabling a possible local privilege escalation. Multiple advisories reference this issue (SUSE CVE-2012-3409; Debian security tracker; Ubuntu-related OSV entries; Fedo...
CVE-2011-1837
CVE-2011-1837 affects ecryptfs-utils where the lock-counter implementation in utils/mount.ecryptfs_private.c allows local users to overwrite arbitrary files via unspecified vectors. Public analyses in multiple advisories (openSUSE/SUSE, MiracleLinux AXSA:2011-680, Oracle Linux ELSA-2011-1241, SL/...
CVE-2011-1834
CVE-2011-1834 affects the ecryptfs-utils package, specifically the mount helper behavior in mount.ecryptfs_private.c. The root cause is improper handling of the mtab file during error conditions, which can allow a local user to cause a denial of service via table corruption or bypass intended unm...
CVE-2011-1832
CVE-2011-1832 affects ecryptfs-utils prior to version 90. A race condition in mount.ecryptfs_private’s mountpoint permission check could allow a local user to remove directories via an unmount call. The issue stems from inadequate validation before unmount/mount operations, enabling potential man...
CVE-2011-1835
The CVE-2011-1835 issue lies in ecryptfs-utils, specifically the encrypted private-directory setup path (utils/ecryptfs-setup-private) where the passphrase file may not be created correctly. This opens a local-privilige escalation risk by bypassing access restrictions during new-user creation ste...
CVE-2015-8946
Summary : CVE-2015-8946 affects the ecryptfs-utils package (eCryptfs) and its helper, specifically the swap setup in ecryptfs-setup-swap. The issue occurs when using GPT partitioning (and in some cases with certain systemd versions), where encrypted swap is not properly configured, potentially al...
CVE-2014-9687
CVE-2014-9687 affects the Linux eCryptfs utilities (ecryptfs-utils), specifically “ecryptfs-utils 104 and earlier.” The root cause is the use of a default salt to wrap the mount passphrase, which increases the effectiveness of offline brute-force password attacks. Documents in connected sources c...
CVE-2011-1836
CVE-2011-1836 affects ecryptfs-utils (before 90). The issue is that utils/ecryptfs-recover-private does not establish a subdirectory with safe permissions, potentially allowing local users to bypass access controls during recovery. The impact is limited to local privilege exposure/defeating restr...
CVE-2016-6224
The CVE-2016-6224 issue affects the ecryptfs-utils package (ecryptfs-setup-swap) and stems from an incomplete fix for CVE-2015-8946. Affects systems using GPT with NVMe or MMC drives; boot may activate an unencrypted swap, leading to potential exposure of sensitive data. Multiple distributions (F...