Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ecryptfs vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-1296
The eCryptfs support utilities (ecryptfs-utils) 73-0ubuntu6.1 on Ubuntu 9.04 stores the mount passphrase in installation logs, which might allow local users to obtain access to the filesystem by reading the log files from disk. NOTE: the log files are only readable by root.
Ubuntu Ubuntu 9.0.4
Ubuntu 73-oubuntu 6.1
9.8
CVSSv3
CVE-2011-3145
When mount.ecrpytfs_private before version 87-0ubuntu1.2 calls setreuid() it doesn't also set the effective group id. So when it creates the new version, mtab.tmp, it's created with the group id of the user running mount.ecryptfs_private.
Mount.ecrpytfs Private Project Mount.ecrpytfs Private -
4.7
CVSSv3
CVE-2016-1919
Samsung KNOX 1.0 uses a weak eCryptFS Key generation algorithm, which makes it easier for local users to obtain sensitive information by leveraging knowledge of the TIMA key and a brute-force attack.
Samsung Knox
NA
CVE-2009-0787
The ecryptfs_write_metadata_to_contents function in the eCryptfs functionality in the Linux kernel 2.6.28 prior to 2.6.28.9 uses an incorrect size when writing kernel memory to an eCryptfs file header, which triggers an out-of-bounds read and allows local users to obtain portions...
Linux Linux Kernel 2.6.28.4
Linux Linux Kernel 2.6.28.2
Linux Linux Kernel 2.6.28.5
Linux Linux Kernel 2.6.28.8
Linux Linux Kernel 2.6.28.3
Linux Linux Kernel 2.6.28.6
Linux Linux Kernel 2.6.28.7
Linux Linux Kernel 2.6.28.1
Linux Linux Kernel 2.6.28
7.8
CVSSv3
CVE-2014-9922
The eCryptfs subsystem in the Linux kernel prior to 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c.
Linux Linux Kernel
Google Android
NA
CVE-2011-1833
Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel prior to 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid.
Linux Linux Kernel 3.0.25
Linux Linux Kernel 3.0
Linux Linux Kernel 3.0.22
Linux Linux Kernel 3.0.5
Linux Linux Kernel 3.0.38
Linux Linux Kernel
Linux Linux Kernel 3.0.18
Linux Linux Kernel 3.0.6
Linux Linux Kernel 3.0.36
Linux Linux Kernel 3.0.35
Linux Linux Kernel 3.0.11
Linux Linux Kernel 3.0.34
Linux Linux Kernel 3.0.32
Linux Linux Kernel 3.0.19
Linux Linux Kernel 3.0.37
Linux Linux Kernel 3.0.4
Linux Linux Kernel 3.0.27
Linux Linux Kernel 3.0.42
Linux Linux Kernel 3.0.23
Linux Linux Kernel 3.0.8
Linux Linux Kernel 3.0.40
Linux Linux Kernel 3.0.33
9.8
CVSSv3
CVE-2018-21065
An issue exists on Samsung mobile devices with M(6.0), N(7.x), and O(8.x) software. There is an integer underflow in eCryptFS because of a missing size check. The Samsung ID is SVE-2017-11855 (August 2018).
Google Android 6.0
Google Android 7.0
Google Android 7.1.0
Google Android 7.1.1
Google Android 7.1.2
Google Android 8.0
Google Android 8.1
NA
CVE-2009-2406
Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel prior to 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCr...
Linux Linux Kernel 2.6.11
Linux Linux Kernel 2.6.20.6
Linux Linux Kernel 2.6.28
Linux Linux Kernel 2.6.8.1.5
Linux Linux Kernel 2.6.0
Linux Linux Kernel 2.6.4
Linux Linux Kernel 2.6.17
Linux Linux Kernel 2.6.20.9
Linux Linux Kernel 2.6.18
Linux Linux Kernel 2.6.29
Linux Linux Kernel 2.6.23.4
Linux Linux Kernel 2.6.22.15
Linux Linux Kernel 2.6.16.16
Linux Linux Kernel 2.6.20
Linux Linux Kernel 2.6.18.7
Linux Linux Kernel 2.6.17.12
Linux Linux Kernel 2.6.16.39
Linux Linux Kernel 2.6.27.3
Linux Linux Kernel 2.6.29.3
Linux Linux Kernel 2.6.21
Linux Linux Kernel 2.6.16.9
Linux Linux Kernel 2.6.12
NA
CVE-2009-2407
Heap-based buffer overflow in the parse_tag_3_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel prior to 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryp...
Linux Linux Kernel 2.6.27.29
Linux Linux Kernel 2.6.27.12
Linux Linux Kernel 2.6.20.6
Linux Linux Kernel 2.6.20.9
Linux Linux Kernel 2.6.11
Linux Linux Kernel 2.6.23.4
Linux Linux Kernel 2.6.22.15
Linux Linux Kernel 2.6.16.16
Linux Linux Kernel 2.6.18.7
Linux Linux Kernel 2.6.17.12
Linux Linux Kernel 2.6.16.39
Linux Linux Kernel 2.6.27.3
Linux Linux Kernel 2.6.29.3
Linux Linux Kernel 2.6.21
Linux Linux Kernel 2.6.16.9
Linux Linux Kernel 2.6.17.9
Linux Linux Kernel 2.6.11.2
Linux Linux Kernel 2.6.27.1
Linux Linux Kernel 2.6.5
Linux Linux Kernel 2.6.15.3
Linux Linux Kernel 2.6.27.30
Linux Linux Kernel 2.6.11.10
9.8
CVSSv3
CVE-2018-21054
An issue exists on Samsung mobile devices with M(6.0), N(7.x) and O(8.x) except exynos9610/9820 in all Platforms, M(6.0) except MSM8909 SC77xx/9830 exynos3470/5420, N(7.0) except MSM8939, N(7.1) except MSM8996 SDM6xx/M6737T software. There is an integer underflow with a resultant...
Google Android 6.0
Google Android 7.0
Google Android 7.1.0
Google Android 7.1.1
Google Android 7.1.2
Google Android 8.0
Google Android 8.1
Google Android 7.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »