VYPR
Unrated severityNVD Advisory· Published Apr 22, 2019· Updated Sep 16, 2024

mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group

CVE-2011-3145

Description

When mount.ecrpytfs_private before version 87-0ubuntu1.2 calls setreuid() it doesn't also set the effective group id. So when it creates the new version, mtab.tmp, it's created with the group id of the user running mount.ecryptfs_private.

Affected products

2
  • Ecryptfs/Ecryptfs Utilsinferred2 versions
    <87-0ubuntu1.2+ 1 more
    • (no CPE)range: <87-0ubuntu1.2
    • (no CPE)range: < 87-0ubuntu1.2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.