Show filters
12 Total Results
Displaying 1-10 of 12
Sort by:
Attacker Value
Unknown
CVE-2012-3409
Disclosure Date: December 20, 2019 (last updated November 27, 2024)
ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation
0
Attacker Value
Unknown
CVE-2015-8946
Disclosure Date: July 22, 2016 (last updated November 25, 2024)
ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and certain versions of systemd, which allows local users to obtain sensitive information via unspecified vectors.
0
Attacker Value
Unknown
CVE-2016-6224
Disclosure Date: July 22, 2016 (last updated November 08, 2023)
ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning on a (1) NVMe or (2) MMC drive, which allows local users to obtain sensitive information via unspecified vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8946.
0
Attacker Value
Unknown
CVE-2016-1572
Disclosure Date: January 22, 2016 (last updated November 25, 2024)
mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid.
0
Attacker Value
Unknown
CVE-2014-9687
Disclosure Date: March 16, 2015 (last updated October 05, 2023)
eCryptfs 104 and earlier uses a default salt to encrypt the mount passphrase, which makes it easier for attackers to obtain user passwords via a brute force attack.
0
Attacker Value
Unknown
CVE-2011-1835
Disclosure Date: February 15, 2014 (last updated October 05, 2023)
The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps.
0
Attacker Value
Unknown
CVE-2011-1837
Disclosure Date: February 15, 2014 (last updated October 05, 2023)
The lock-counter implementation in utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 allows local users to overwrite arbitrary files via unspecified vectors.
0
Attacker Value
Unknown
CVE-2011-1831
Disclosure Date: February 15, 2014 (last updated October 05, 2023)
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call.
0
Attacker Value
Unknown
CVE-2011-1836
Disclosure Date: February 15, 2014 (last updated October 05, 2023)
utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not establish a subdirectory with safe permissions, which might allow local users to bypass intended access restrictions via standard filesystem operations during the recovery process.
0
Attacker Value
Unknown
CVE-2011-1834
Disclosure Date: February 15, 2014 (last updated October 05, 2023)
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service (table corruption) or bypass intended unmounting restrictions via a umount system call.
0