VYPR

Ecryptfs Utils

by Ecryptfs

CVEs (13)

  • CVE-2016-1572HigJan 22, 2016
    risk 0.55cvss 8.4epss 0.00

    mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid.

  • CVE-2016-6224LowJul 22, 2016
    risk 0.21cvss 3.3epss 0.00

    ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning on a (1) NVMe or (2) MMC drive, which allows local users to obtain sensitive information via unspecified vectors. NOTE: this vulnerability…

  • CVE-2015-8946LowJul 22, 2016
    risk 0.21cvss 3.3epss 0.00

    ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and certain versions of systemd, which allows local users to obtain sensitive information via unspecified vectors.

  • CVE-2012-3409Dec 20, 2019
    risk 0.00cvss epss 0.00

    ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation

  • CVE-2011-3145Apr 22, 2019
    risk 0.00cvss epss 0.01

    When mount.ecrpytfs_private before version 87-0ubuntu1.2 calls setreuid() it doesn't also set the effective group id. So when it creates the new version, mtab.tmp, it's created with the group id of the user running mount.ecryptfs_private.

  • CVE-2014-9687Mar 16, 2015
    risk 0.00cvss epss 0.02

    eCryptfs 104 and earlier uses a default salt to encrypt the mount passphrase, which makes it easier for attackers to obtain user passwords via a brute force attack.

  • CVE-2011-1837Feb 15, 2014
    risk 0.00cvss epss 0.00

    The lock-counter implementation in utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 allows local users to overwrite arbitrary files via unspecified vectors.

  • CVE-2011-1836Feb 15, 2014
    risk 0.00cvss epss 0.00

    utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not establish a subdirectory with safe permissions, which might allow local users to bypass intended access restrictions via standard filesystem operations during the recovery process.

  • CVE-2011-1835Feb 15, 2014
    risk 0.00cvss epss 0.00

    The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation…

  • CVE-2011-1834Feb 15, 2014
    risk 0.00cvss epss 0.00

    utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service (table corruption) or bypass intended unmounting restrictions via a umount system call.

  • CVE-2011-1832Feb 15, 2014
    risk 0.00cvss epss 0.00

    utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call.

  • CVE-2011-1831Feb 15, 2014
    risk 0.00cvss epss 0.00

    utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call.

  • CVE-2008-5188Nov 21, 2008
    risk 0.00cvss epss 0.00

    The (1) ecryptfs-setup-private, (2) ecryptfs-setup-confidential, and (3) ecryptfs-setup-pam-wrapped.sh scripts in ecryptfs-utils 45 through 61 in eCryptfs place cleartext passwords on command lines, which allows local users to obtain sensitive information by listing the process.