CVE-2013-0157
Published: 21 January 2014
(a) mount and (b) umount in util-linux 2.14.1, 2.17.2, and probably other versions allow local users to determine the existence of restricted directories by (1) using the --guess-fstype command-line option or (2) attempting to mount a non-existent device, which generates different error messages depending on whether the directory exists.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
util-linux Launchpad, Ubuntu, Debian |
artful |
Not vulnerable
(2.26.2-6ubuntu1)
|
| bionic |
Not vulnerable
(2.26.2-6ubuntu1)
|
|
| cosmic |
Not vulnerable
(2.26.2-6ubuntu1)
|
|
| disco |
Not vulnerable
(2.26.2-6ubuntu1)
|
|
| eoan |
Not vulnerable
(2.26.2-6ubuntu1)
|
|
| focal |
Not vulnerable
(2.26.2-6ubuntu1)
|
|
| groovy |
Not vulnerable
(2.26.2-6ubuntu1)
|
|
| hardy |
Ignored
(end of life)
|
|
| hirsute |
Not vulnerable
(2.26.2-6ubuntu1)
|
|
| impish |
Not vulnerable
(2.26.2-6ubuntu1)
|
|
| jammy |
Not vulnerable
(2.26.2-6ubuntu1)
|
|
| kinetic |
Not vulnerable
(2.26.2-6ubuntu1)
|
|
| lucid |
Ignored
(end of life)
|
|
| lunar |
Not vulnerable
(2.26.2-6ubuntu1)
|
|
| oneiric |
Ignored
(end of life)
|
|
| precise |
Ignored
(end of life)
|
|
| quantal |
Ignored
(end of life)
|
|
| raring |
Ignored
(end of life)
|
|
| saucy |
Ignored
(end of life)
|
|
| trusty |
Needed
|
|
| upstream |
Released
(2.20.1-5.5)
|
|
| utopic |
Not vulnerable
(2.25.1-3ubuntu4.1)
|
|
| vivid |
Not vulnerable
(2.25.2-4ubuntu2)
|
|
| wily |
Not vulnerable
(2.26.2-6ubuntu1)
|
|
| xenial |
Not vulnerable
(2.26.2-6ubuntu1)
|
|
| yakkety |
Not vulnerable
(2.26.2-6ubuntu1)
|
|
| zesty |
Not vulnerable
(2.26.2-6ubuntu1)
|
|
| mantic |
Not vulnerable
(2.26.2-6ubuntu1)
|
|
|
Patches: upstream: http://git.kernel.org/?p=utils/util-linux/util-linux.git;a=commit;h=33c5fd0c5a774458470c86f9d318d8c48a9c9ccb upstream: http://git.kernel.org/?p=utils/util-linux/util-linux.git;a=commit;h=5ebbc3865d1e53ef42e5f121c41faab23dd59075 upstream: http://git.kernel.org/?p=utils/util-linux/util-linux.git;a=commit;h=cc8cc8f32c863f3ae6a8a88e97b47bcd6a21825f upstream: http://git.kernel.org/?p=utils/util-linux/util-linux.git;a=commit;h=0377ef91270d06592a0d4dd009c29e7b1ff9c9b8 |
||