4 matches found
CVE-2022-25328
CVE-2022-25328 concerns the bash_completion script in Google fscrypt. A local attacker who can influence mountpoint paths can inject commands through crafted mountpoint names when the script performs completion. This could lea...
CVE-2022-25327
CVE-2022-25327 affects the PAM module for fscrypt, where inadequate validation of fscrypt metadata files lets a local user craft malicious metadata to cause a denial of service, preventing other users from logging in. The documented remediation is to upgrade to version 0.3.3 or above. The connect...
CVE-2022-25326
CVE-2022-25326 relates to the fscrypt project up to version 0.3.2, where during filesystem setup a world-writable directory is created by default. This behavior allows unprivileged local users to exhaust filesystem space. The public records consistently recommend upgrading to fscrypt 0.3.3 or new...
CVE-2018-6558
CVE-2018-6558 affects the pam_fscrypt module of fscrypt, where versions prior to 0.2.4 may incorrectly restore primary and supplementary group IDs to the values of the root user. This flaw can allow an unprivileged attacker to gain privileges through login flows used by applicat...