Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

ecryptfs-utils vulnerability

Related Vulnerabilities: CVE-2016-1572  

mount.ecryptfs_private could be used to run programs as an administrator.

Jann Horn discovered that mount.ecryptfs_private would mount over certain directories in the proc filesystem. A local attacker could use this to escalate their privileges. (CVE-2016-1572)

Source

20 January 2016

ecryptfs-utils vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 15.10
  • Ubuntu 15.04
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

mount.ecryptfs_private could be used to run programs as an administrator.

Software Description

  • ecryptfs-utils - eCryptfs cryptographic filesystem utilities

Details

Jann Horn discovered that mount.ecryptfs_private would mount over certain directories in the proc filesystem. A local attacker could use this to escalate their privileges. (CVE-2016-1572)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 15.10
ecryptfs-utils - 108-0ubuntu1.1
Ubuntu 15.04
ecryptfs-utils - 107-0ubuntu1.3
Ubuntu 14.04 LTS
ecryptfs-utils - 104-0ubuntu1.14.04.4
Ubuntu 12.04 LTS
ecryptfs-utils - 96-0ubuntu3.5

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started