Home

CVE-2011-3145

Description

When mount.ecrpytfs_private before version 87-0ubuntu1.2 calls setreuid() it doesnt also set the effective group id. So when it creates the new version, mtab.tmp, its created with the group id of the user running mount.ecryptfs_private.

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.234

Associated Vulnerability

VulnerabilityOS Platform
(RHSA-2011:1241) Moderate: ecryptfs-utils security update ecryptfs-utils-75-5.el5_7.2.i386.rpmLinux
(RHSA-2011:1241) Moderate: ecryptfs-utils security update ecryptfs-utils-75-5.el5_7.2.x86_64.rpmLinux
(RHSA-2011:1241) Moderate: ecryptfs-utils security update ecryptfs-utils-82-6.el6_1.3.i686.rpmLinux
(RHSA-2011:1241) Moderate: ecryptfs-utils security update ecryptfs-utils-82-6.el6_1.3.x86_64.rpmLinux
(RHSA-2011:1241) Moderate: ecryptfs-utils security update ecryptfs-utils-devel-75-5.el5_7.2.i386.rpmLinux
(RHSA-2011:1241) Moderate: ecryptfs-utils security update ecryptfs-utils-devel-75-5.el5_7.2.x86_64.rpmLinux
(RHSA-2011:1241) Moderate: ecryptfs-utils security update ecryptfs-utils-devel-82-6.el6_1.3.i686.rpmLinux
(RHSA-2011:1241) Moderate: ecryptfs-utils security update ecryptfs-utils-devel-82-6.el6_1.3.x86_64.rpmLinux
(RHSA-2011:1241) Moderate: ecryptfs-utils security update ecryptfs-utils-gui-75-5.el5_7.2.i386.rpmLinux
(RHSA-2011:1241) Moderate: ecryptfs-utils security update ecryptfs-utils-gui-75-5.el5_7.2.x86_64.rpmLinux
(RHSA-2011:1241) Moderate: ecryptfs-utils security update ecryptfs-utils-python-82-6.el6_1.3.i686.rpmLinux
(RHSA-2011:1241) Moderate: ecryptfs-utils security update ecryptfs-utils-python-82-6.el6_1.3.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234