CVE-2011-1831

utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.6 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 13%
Affected Products (NVD)
VendorProductVersion
ecryptfsecryptfs-utils
𝑥
≤ 89
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
ecryptfs-utils
bookworm
111-6
fixed
bullseye
111-5
fixed
sid
111-7
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ecryptfs-utils
hardy
not-affected
lucid
Fixed 83-0ubuntu3.2.10.04.1
released
maverick
Fixed 83-0ubuntu3.2.10.10.1
released
natty
Fixed 87-0ubuntu1.1
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
ecryptfs-utils-103
suse enterprise sap 12 SP5
8.3.1
fixed
suse enterprise server 12 SP2
7.1
fixed
suse enterprise server 12 SP3
7.1
fixed
suse enterprise server 12 SP4
8.3.1
fixed
suse enterprise server 12 SP5
8.3.1
fixed
ecryptfs-utils-32bit-103
suse enterprise sap 12 SP5
8.3.1
fixed
suse enterprise server 12 SP2
7.1
fixed
suse enterprise server 12 SP3
7.1
fixed
suse enterprise server 12 SP4
8.3.1
fixed
suse enterprise server 12 SP5
8.3.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
ecryptfs-utils
RHEL 6
0:82-6.el6_1.3
fixed
ecryptfs-utils-devel
RHEL 6
0:82-6.el6_1.3
fixed
ecryptfs-utils-python
RHEL 6
0:82-6.el6_1.3
fixed
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html
http://www.ubuntu.com/usn/USN-1188-1
https://bugzilla.redhat.com/show_bug.cgi?id=729465
https://launchpad.net/ecryptfs/+download
http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html
http://www.ubuntu.com/usn/USN-1188-1
https://bugzilla.redhat.com/show_bug.cgi?id=729465
https://launchpad.net/ecryptfs/+download