CVE-2011-1835

The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.4 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 18%
Affected Products (NVD)
VendorProductVersion
ecryptfsecryptfs-utils
𝑥
≤ 89
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
ecryptfs-utils
bookworm
111-6
fixed
bullseye
111-5
fixed
sid
111-7
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ecryptfs-utils
hardy
not-affected
lucid
Fixed 83-0ubuntu3.2.10.04.1
released
maverick
Fixed 83-0ubuntu3.2.10.10.1
released
natty
Fixed 87-0ubuntu1.1
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
ecryptfs-utils-103
suse enterprise sap 12 SP5
8.3.1
fixed
suse enterprise server 12 SP2
7.1
fixed
suse enterprise server 12 SP3
7.1
fixed
suse enterprise server 12 SP4
8.3.1
fixed
suse enterprise server 12 SP5
8.3.1
fixed
ecryptfs-utils-32bit-103
suse enterprise sap 12 SP5
8.3.1
fixed
suse enterprise server 12 SP2
7.1
fixed
suse enterprise server 12 SP3
7.1
fixed
suse enterprise server 12 SP4
8.3.1
fixed
suse enterprise server 12 SP5
8.3.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
ecryptfs-utils
RHEL 6
0:82-6.el6_1.3
fixed
ecryptfs-utils-devel
RHEL 6
0:82-6.el6_1.3
fixed
ecryptfs-utils-python
RHEL 6
0:82-6.el6_1.3
fixed
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html
http://www.ubuntu.com/usn/USN-1188-1
https://bugzilla.redhat.com/show_bug.cgi?id=729465
https://launchpad.net/ecryptfs/+download
http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html
http://www.ubuntu.com/usn/USN-1188-1
https://bugzilla.redhat.com/show_bug.cgi?id=729465
https://launchpad.net/ecryptfs/+download