rpm package
suse/ecryptfs-utils&distro=SUSE Linux Enterprise Desktop 12
pkg:rpm/suse/ecryptfs-utils&distro=SUSE%20Linux%20Enterprise%20Desktop%2012
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-1572 | Hig | 8.4 | < 103-7.1 | 103-7.1 | Jan 22, 2016 | mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid. | |
| CVE-2014-9687 | — | < 103-7.1 | 103-7.1 | Mar 16, 2015 | eCryptfs 104 and earlier uses a default salt to encrypt the mount passphrase, which makes it easier for attackers to obtain user passwords via a brute force attack. |
- affected < 103-7.1fixed 103-7.1
mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid.
- CVE-2014-9687Mar 16, 2015affected < 103-7.1fixed 103-7.1
eCryptfs 104 and earlier uses a default salt to encrypt the mount passphrase, which makes it easier for attackers to obtain user passwords via a brute force attack.