Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ecryptfs ecryptfs-utils vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2016-1572
mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid.
Ecryptfs Ecryptfs-utils
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 15.10
Opensuse Leap 42.1
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Fedoraproject Fedora 22
Fedoraproject Fedora 23
4.6
CVSSv2
CVE-2011-1831
utils/mount.ecryptfs_private.c in ecryptfs-utils prior to 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call.
Ecryptfs Ecryptfs-utils 66
Ecryptfs Ecryptfs-utils 67
Ecryptfs Ecryptfs-utils 74
Ecryptfs Ecryptfs-utils 75
Ecryptfs Ecryptfs-utils 76
Ecryptfs Ecryptfs-utils 83
Ecryptfs Ecryptfs-utils 84
Ecryptfs Ecryptfs Utils 59
Ecryptfs Ecryptfs Utils 58
Ecryptfs Ecryptfs-utils 62
Ecryptfs Ecryptfs-utils 63
Ecryptfs Ecryptfs-utils 70
Ecryptfs Ecryptfs-utils 71
Ecryptfs Ecryptfs-utils 79
Ecryptfs Ecryptfs-utils 80
Ecryptfs Ecryptfs-utils 87
Ecryptfs Ecryptfs-utils
Ecryptfs Ecryptfs-utils 68
Ecryptfs Ecryptfs-utils 69
Ecryptfs Ecryptfs-utils 77
Ecryptfs Ecryptfs-utils 78
Ecryptfs Ecryptfs-utils 85
4.6
CVSSv2
CVE-2011-1836
utils/ecryptfs-recover-private in ecryptfs-utils prior to 90 does not establish a subdirectory with safe permissions, which might allow local users to bypass intended access restrictions via standard filesystem operations during the recovery process.
Ecryptfs Ecryptfs-utils 65
Ecryptfs Ecryptfs-utils 62
Ecryptfs Ecryptfs-utils 70
Ecryptfs Ecryptfs-utils 71
Ecryptfs Ecryptfs-utils 78
Ecryptfs Ecryptfs-utils 79
Ecryptfs Ecryptfs-utils 86
Ecryptfs Ecryptfs-utils 87
Ecryptfs Ecryptfs-utils 66
Ecryptfs Ecryptfs-utils 74
Ecryptfs Ecryptfs-utils 75
Ecryptfs Ecryptfs-utils 82
Ecryptfs Ecryptfs-utils 83
Ecryptfs Ecryptfs Utils 60
Ecryptfs Ecryptfs Utils 59
Ecryptfs Ecryptfs Utils 58
Ecryptfs Ecryptfs-utils 67
Ecryptfs Ecryptfs-utils 68
Ecryptfs Ecryptfs-utils 69
Ecryptfs Ecryptfs-utils 76
Ecryptfs Ecryptfs-utils 77
Ecryptfs Ecryptfs-utils 84
4.4
CVSSv2
CVE-2011-1835
The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils prior to 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creatio...
Ecryptfs Ecryptfs-utils 64
Ecryptfs Ecryptfs-utils 65
Ecryptfs Ecryptfs-utils 72
Ecryptfs Ecryptfs-utils 73
Ecryptfs Ecryptfs-utils 81
Ecryptfs Ecryptfs-utils 82
Ecryptfs Ecryptfs Utils 61
Ecryptfs Ecryptfs Utils 60
Ecryptfs Ecryptfs-utils 68
Ecryptfs Ecryptfs-utils 69
Ecryptfs Ecryptfs-utils 76
Ecryptfs Ecryptfs-utils 77
Ecryptfs Ecryptfs-utils 78
Ecryptfs Ecryptfs-utils 85
Ecryptfs Ecryptfs-utils 86
Ecryptfs Ecryptfs-utils 66
Ecryptfs Ecryptfs-utils 67
Ecryptfs Ecryptfs-utils 74
Ecryptfs Ecryptfs-utils 75
Ecryptfs Ecryptfs-utils 83
Ecryptfs Ecryptfs-utils 84
Ecryptfs Ecryptfs Utils 59
3.6
CVSSv2
CVE-2011-1837
The lock-counter implementation in utils/mount.ecryptfs_private.c in ecryptfs-utils prior to 90 allows local users to overwrite arbitrary files via unspecified vectors.
Ecryptfs Ecryptfs-utils 63
Ecryptfs Ecryptfs-utils 64
Ecryptfs Ecryptfs-utils 71
Ecryptfs Ecryptfs-utils 72
Ecryptfs Ecryptfs-utils 79
Ecryptfs Ecryptfs-utils 80
Ecryptfs Ecryptfs-utils
Ecryptfs Ecryptfs Utils 61
Ecryptfs Ecryptfs-utils 67
Ecryptfs Ecryptfs-utils 68
Ecryptfs Ecryptfs-utils 75
Ecryptfs Ecryptfs-utils 76
Ecryptfs Ecryptfs-utils 83
Ecryptfs Ecryptfs-utils 84
Ecryptfs Ecryptfs-utils 85
Ecryptfs Ecryptfs Utils 58
Ecryptfs Ecryptfs-utils 62
Ecryptfs Ecryptfs-utils 69
Ecryptfs Ecryptfs-utils 70
Ecryptfs Ecryptfs-utils 77
Ecryptfs Ecryptfs-utils 78
Ecryptfs Ecryptfs-utils 86
3.3
CVSSv2
CVE-2011-1833
Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel prior to 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid.
Linux Linux Kernel 3.0.25
Linux Linux Kernel 3.0
Linux Linux Kernel 3.0.22
Linux Linux Kernel 3.0.5
Linux Linux Kernel 3.0.38
Linux Linux Kernel
Linux Linux Kernel 3.0.18
Linux Linux Kernel 3.0.6
Linux Linux Kernel 3.0.36
Linux Linux Kernel 3.0.35
Linux Linux Kernel 3.0.11
Linux Linux Kernel 3.0.34
Linux Linux Kernel 3.0.32
Linux Linux Kernel 3.0.19
Linux Linux Kernel 3.0.37
Linux Linux Kernel 3.0.4
Linux Linux Kernel 3.0.27
Linux Linux Kernel 3.0.42
Linux Linux Kernel 3.0.23
Linux Linux Kernel 3.0.8
Linux Linux Kernel 3.0.40
Linux Linux Kernel 3.0.33
2.1
CVSSv2
CVE-2016-5243
The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel up to and including 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.
Linux Linux Kernel
2.1
CVSSv2
CVE-2016-4482
The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel up to and including 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Linux Linux Kernel
Novell Suse Linux Enterprise Module For Public Cloud 12.0
Novell Suse Linux Enterprise Server 11.0
Novell Suse Linux Enterprise Server 12.0
Novell Suse Linux Enterprise Live Patching 12.0
Novell Suse Linux Enterprise Desktop 12.0
Novell Suse Linux Enterprise Real Time Extension 12.0
Novell Suse Linux Enterprise Workstation Extension 12.0
Novell Suse Linux Enterprise Debuginfo 11.0
Novell Suse Linux Enterprise Software Development Kit 11.0
Novell Suse Linux Enterprise Software Development Kit 12.0
Fedoraproject Fedora 24
2.1
CVSSv2
CVE-2016-4486
The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel prior to 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.
Novell Suse Linux Enterprise Module For Public Cloud 12.0
Novell Suse Linux Enterprise Server 11.0
Novell Suse Linux Enterprise Server 12.0
Novell Suse Linux Enterprise Live Patching 12.0
Novell Suse Linux Enterprise Desktop 12.0
Novell Suse Linux Enterprise Real Time Extension 12.0
Novell Suse Linux Enterprise Workstation Extension 12.0
Novell Suse Linux Enterprise Debuginfo 11.0
Novell Suse Linux Enterprise Software Development Kit 11.0
Novell Suse Linux Enterprise Software Development Kit 12.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Linux Linux Kernel
2.1
CVSSv2
CVE-2016-4569
The snd_timer_user_params function in sound/core/timer.c in the Linux kernel up to and including 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface.
Linux Linux Kernel
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Novell Suse Linux Enterprise Module For Public Cloud 12.0
Novell Suse Linux Enterprise Server 11.0
Novell Suse Linux Enterprise Server 12.0
Novell Suse Linux Enterprise Live Patching 12.0
Novell Suse Linux Enterprise Desktop 12.0
Novell Suse Linux Enterprise Real Time Extension 12.0
Novell Suse Linux Enterprise Workstation Extension 12.0
Novell Suse Linux Enterprise Debuginfo 11.0
Novell Suse Linux Enterprise Software Development Kit 11.0
Novell Suse Linux Enterprise Software Development Kit 12.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »