Unrated severityNVD Advisory· Published Apr 22, 2019· Updated Sep 16, 2024
mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group
CVE-2011-3145
Description
When mount.ecrpytfs_private before version 87-0ubuntu1.2 calls setreuid() it doesn't also set the effective group id. So when it creates the new version, mtab.tmp, it's created with the group id of the user running mount.ecryptfs_private.
Affected products
2<87-0ubuntu1.2+ 1 more
- (no CPE)range: <87-0ubuntu1.2
- (no CPE)range: < 87-0ubuntu1.2
Patches
Vulnerability mechanics
References
1- bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/558mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.