CVE-2011-1833

Published: 03/10/2012 Updated: 07/11/2023
CVSS v2 Base Score: 3.3 | Impact Score: 4.9 | Exploitability Score: 3.4
VMScore: 295
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:N

Vulnerability Summary

Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel prior to 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid.

Vulnerable Product

linux linux kernel 3.0.25

linux linux kernel 3.0

linux linux kernel 3.0.22

linux linux kernel 3.0.5

linux linux kernel 3.0.38

linux linux kernel

linux linux kernel 3.0.18

linux linux kernel 3.0.6

linux linux kernel 3.0.36

linux linux kernel 3.0.35

linux linux kernel 3.0.11

linux linux kernel 3.0.34

linux linux kernel 3.0.32

linux linux kernel 3.0.19

linux linux kernel 3.0.37

linux linux kernel 3.0.4

linux linux kernel 3.0.27

linux linux kernel 3.0.42

linux linux kernel 3.0.23

linux linux kernel 3.0.8

linux linux kernel 3.0.40

linux linux kernel 3.0.33

linux linux kernel 3.0.28

linux linux kernel 3.0.13

linux linux kernel 3.0.10

linux linux kernel 3.0.1

linux linux kernel 3.0.17

linux linux kernel 3.0.16

linux linux kernel 3.0.21

linux linux kernel 3.0.7

linux linux kernel 3.0.20

linux linux kernel 3.0.24

linux linux kernel 3.0.15

linux linux kernel 3.0.39

linux linux kernel 3.0.2

linux linux kernel 3.0.12

linux linux kernel 3.0.3

linux linux kernel 3.0.9

linux linux kernel 3.0.26

linux linux kernel 3.0.43

linux linux kernel 3.0.30

linux linux kernel 3.0.31

linux linux kernel 3.0.29

linux linux kernel 3.0.14

linux linux kernel 3.0.41

Vendor Advisories

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-4307 Nageswara R Sastry reported an issue in the ext4 filesystem. Local users with the privileges to mount a filesystem c ...
The skb_gro_header_slow function in include/linux/netdevice.h in the Linux kernel before 2.6.39.4, when Generic Receive Offload (GRO) is enabled, resets certain fields in incorrect situations, which allows remote attackers to cause a denial of service (system crash) via crafted network traffic. Race condition in the ecryptfs_mount function in fs/e ...
Several security issues were fixed in the kernel ...
Multiple kernel flaws have been fixed ...
eCryptfs could be tricked into mounting and unmounting arbitrary locations, and possibly disclose confidential information ...

Exploits

Ubuntu Security Notice 1202-1 - Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Brad Spengler discovered that stack memory for a new process was not correctly calculated. A local attacker could exploit this to crash ...