Unrated severityNVD Advisory· Published Oct 4, 2007· Updated Apr 23, 2026
CVE-2007-5191
CVE-2007-5191
Description
mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs.
Affected products
7- cpe:2.3:a:loop-aes-utils_project:loop-aes-utils:-:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
33- bugs.gentoo.org/show_bug.cginvdIssue TrackingThird Party Advisory
- frontal2.mandriva.com/en/security/advisoriesnvdThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.htmlnvdMailing ListThird Party Advisory
- lists.vmware.com/pipermail/security-announce/2008/000002.htmlnvdThird Party Advisory
- secunia.com/advisories/27104nvdThird Party Advisory
- secunia.com/advisories/27122nvdThird Party Advisory
- secunia.com/advisories/27145nvdThird Party Advisory
- secunia.com/advisories/27188nvdThird Party Advisory
- secunia.com/advisories/27283nvdThird Party Advisory
- secunia.com/advisories/27354nvdThird Party Advisory
- secunia.com/advisories/27399nvdThird Party Advisory
- secunia.com/advisories/27687nvdThird Party Advisory
- secunia.com/advisories/28348nvdThird Party Advisory
- secunia.com/advisories/28349nvdThird Party Advisory
- secunia.com/advisories/28368nvdThird Party Advisory
- secunia.com/advisories/28469nvdThird Party Advisory
- security.gentoo.org/glsa/glsa-200710-18.xmlnvdThird Party Advisory
- support.avaya.com/elmodocs2/security/ASA-2008-023.htmnvdThird Party Advisory
- www.debian.org/security/2008/dsa-1449nvdThird Party Advisory
- www.debian.org/security/2008/dsa-1450nvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2007-0969.htmlnvdThird Party Advisory
- www.securityfocus.com/archive/1/485936/100/0/threadednvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/archive/1/486859/100/0/threadednvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/25973nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/usn-533-1nvdThird Party Advisory
- www.vmware.com/security/advisories/VMSA-2008-0001.htmlnvdThird Party Advisory
- www.vupen.com/english/advisories/2007/3417nvdThird Party Advisory
- www.vupen.com/english/advisories/2008/0064nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10101nvdThird Party Advisory
- www.redhat.com/archives/fedora-package-announce/2007-October/msg00144.htmlnvdThird Party Advisory
- issues.rpath.com/browse/RPL-1757nvdBroken Link
News mentions
0No linked articles in our index yet.