VYPR
← All advisories
High severity8.4NVD Advisory· Published Jan 22, 2016· Updated May 6, 2026

CVE-2016-1572

CVE-2016-1572

Description

mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid.

Affected products

12
  • Ecryptfs/Ecryptfs Utils
    cpe:2.3:a:ecryptfs:ecryptfs-utils:*:*:*:*:*:*:*:*
    Range: <109
  • Canonical/Ubuntu Linux4 versions
    cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*+ 3 more
    • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
  • OpenSUSE/Leap
    cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
  • OpenSUSE/openSUSE2 versions
    cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
  • Debian/Debian Linux2 versions
    cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • Fedoraproject/Fedora2 versions
    cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
    • cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

11

News mentions

0

No linked articles in our index yet.