CVE-2016-1572
Published: 20 January 2016
mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid.
Priority
CVSS 3 base score: 8.4
Status
Package | Release | Status |
---|---|---|
ecryptfs-utils Launchpad, Ubuntu, Debian |
Upstream |
Released
(109)
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Released
(109-0ubuntu1)
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Released
(104-0ubuntu1.14.04.4)
|
|
Patches: Upstream: https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/870 |