Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ecryptfs vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-21054
An issue exists on Samsung mobile devices with M(6.0), N(7.x) and O(8.x) except exynos9610/9820 in all Platforms, M(6.0) except MSM8909 SC77xx/9830 exynos3470/5420, N(7.0) except MSM8939, N(7.1) except MSM8996 SDM6xx/M6737T software. There is an integer underflow with a resultant...
Google Android 6.0
Google Android 7.0
Google Android 7.1.0
Google Android 7.1.1
Google Android 7.1.2
Google Android 8.0
Google Android 8.1
Google Android 7.1
9.8
CVSSv3
CVE-2018-21065
An issue exists on Samsung mobile devices with M(6.0), N(7.x), and O(8.x) software. There is an integer underflow in eCryptFS because of a missing size check. The Samsung ID is SVE-2017-11855 (August 2018).
Google Android 6.0
Google Android 7.0
Google Android 7.1.0
Google Android 7.1.1
Google Android 7.1.2
Google Android 8.0
Google Android 8.1
9.8
CVSSv3
CVE-2011-3145
When mount.ecrpytfs_private before version 87-0ubuntu1.2 calls setreuid() it doesn't also set the effective group id. So when it creates the new version, mtab.tmp, it's created with the group id of the user running mount.ecryptfs_private.
Mount.ecrpytfs Private Project Mount.ecrpytfs Private -
9.8
CVSSv3
CVE-2016-3955
The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the Linux kernel prior to 4.5.3 allows remote malicious users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted length value in a USB/IP packet.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Linux Linux Kernel
Debian Debian Linux 8.0
1 Github repository
9.1
CVSSv3
CVE-2011-3188
The (1) IPv4 and (2) IPv6 implementations in the Linux kernel prior to 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote malicious users to cause a denial of service (disrupted networking) or hijack ...
Linux Linux Kernel
Redhat Enterprise Linux 4.0
F5 Enterprise Manager 3.0.0
F5 Firepass 7.0.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Access Policy Manager
F5 Big-ip Edge Gateway
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Webaccelerator
F5 Big-ip Wan Optimization Manager
F5 Big-ip Protocol Security Module
F5 Big-ip Application Security Manager
F5 Firepass
F5 Arx
F5 Enterprise Manager
F5 Big-ip Analytics
8.8
CVSSv3
CVE-2011-3191
Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel prior to 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read reque...
Linux Linux Kernel
Redhat Enterprise Linux 4.0
8.4
CVSSv3
CVE-2016-1572
mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid.
Ecryptfs Ecryptfs-utils
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 15.10
Opensuse Leap 42.1
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Fedoraproject Fedora 22
Fedoraproject Fedora 23
7.8
CVSSv3
CVE-2012-3409
ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation
Ecryptfs Ecryptfs-utils
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2014-9922
The eCryptfs subsystem in the Linux kernel prior to 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c.
Linux Linux Kernel
Google Android
7.8
CVSSv3
CVE-2016-3070
The trace_writeback_dirty_page implementation in include/trace/events/writeback.h in the Linux kernel prior to 4.4 improperly interacts with mm/migrate.c, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecifie...
Debian Debian Linux 8.0
Linux Linux Kernel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
CVE-2023-52162
CVE-2024-23670
CVE-2024-5404
man-in-the-middle
CVE-2024-5214
CVE-2024-4358
CVE-2024-20696
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »