Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2011-1833

Published: 9 August 2011

Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid.

From the Ubuntu Security Team

Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not correctly check the origin of mount points. A local attacker could exploit this to trick the system into unmounting arbitrary mount points, leading to a denial of service.

Notes

AuthorNote
mdeslaur
There are two parts to this fix, 1- kernel fix, 2- userspace fix

Priority

Low

Status

Package Release Status
ecryptfs-utils
Launchpad, Ubuntu, Debian
hardy Not vulnerable
(code not present)
lucid
Released (83-0ubuntu3.2.10.04.1)
maverick
Released (83-0ubuntu3.2.10.10.1)
natty
Released (87-0ubuntu1.1)
oneiric
Released (89-0ubuntu2)
upstream Needs triage

linux
Launchpad, Ubuntu, Debian
hardy Not vulnerable

lucid
Released (2.6.32-35.78)
maverick
Released (2.6.35-30.60)
natty
Released (2.6.38-11.49)
oneiric Not vulnerable
(3.0.0-8.11)
upstream
Released (3.1~rc2)
Patches:
Introduced by

237fead619984cc48818fe12ee0ceada3f55b012

Fixed by 764355487ea220fdc2faf128d577d7f679b91f97
linux-ec2
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (2.6.32-319.39)
maverick Ignored
(binary supplied by "linux" now)
natty Does not exist

oneiric Does not exist

upstream
Released (3.1~rc2)
linux-fsl-imx51
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (2.6.31-610.27)
maverick Does not exist

natty Does not exist

oneiric Does not exist

upstream
Released (3.1~rc2)
linux-lts-backport-maverick
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (2.6.35-30.60~lucid1)
maverick Does not exist

natty Does not exist

oneiric Does not exist

upstream
Released (3.1~rc2)
linux-lts-backport-natty
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (2.6.38-11.49~lucid1)
maverick Does not exist

natty Does not exist

oneiric Does not exist

upstream
Released (3.1~rc2)
linux-lts-backport-oneiric
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Not vulnerable

maverick Does not exist

natty Does not exist

oneiric Does not exist

upstream
Released (3.1~rc2)
linux-mvl-dove
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (2.6.32-219.37)
maverick
Released (2.6.32-419.37)
natty Does not exist

oneiric Does not exist

upstream
Released (3.1~rc2)
linux-ti-omap4
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Does not exist

maverick
Released (2.6.35-903.23)
natty
Released (2.6.38-1209.15)
oneiric Not vulnerable
(3.0.0-1201.4)
upstream
Released (3.1~rc2)