CVE-2011-1831

utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.6 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:P/A:P
canonicalCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
VendorProductVersion
ecryptfsecryptfs-utils
𝑥
≤ 89
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
ecryptfs-utils
bullseye
111-5
fixed
bookworm
111-6
fixed
sid
111-7
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ecryptfs-utils
natty
Fixed 87-0ubuntu1.1
released
maverick
Fixed 83-0ubuntu3.2.10.10.1
released
lucid
Fixed 83-0ubuntu3.2.10.04.1
released
hardy
not-affected
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html
http://www.ubuntu.com/usn/USN-1188-1
https://bugzilla.redhat.com/show_bug.cgi?id=729465
https://launchpad.net/ecryptfs/+download
http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html
http://www.ubuntu.com/usn/USN-1188-1
https://bugzilla.redhat.com/show_bug.cgi?id=729465
https://launchpad.net/ecryptfs/+download