Upstream information

CVE-2011-1831 at MITRE

Description

utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having critical severity.

CVSS v2 Scores (National Vulnerability Database)

  • Base Score: 4.6
  • Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
  • Access Vector: Local
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial

SUSE Bugzilla entries: 709771 [RESOLVED / FIXED], 711539 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 12
  • ecryptfs-utils >= 103-5.35
  • ecryptfs-utils-32bit >= 103-5.35
Patchnames:
SUSE Linux Enterprise Desktop 12 GA ecryptfs-utils
SUSE Linux Enterprise Desktop 12 SP1
  • ecryptfs-utils >= 103-5.35
  • ecryptfs-utils-32bit >= 103-5.35
Patchnames:
SUSE Linux Enterprise Desktop 12 SP1 GA ecryptfs-utils
SUSE Linux Enterprise Desktop 12 SP2
  • ecryptfs-utils >= 103-7.1
  • ecryptfs-utils-32bit >= 103-7.1
Patchnames:
SUSE Linux Enterprise Desktop 12 SP2 GA ecryptfs-utils
SUSE Linux Enterprise Desktop 12 SP3
  • ecryptfs-utils >= 103-7.1
  • ecryptfs-utils-32bit >= 103-7.1
Patchnames:
SUSE Linux Enterprise Desktop 12 SP3 GA ecryptfs-utils
SUSE Linux Enterprise Server 11 SP1
  • ecryptfs-utils >= 61-1.29.1
  • ecryptfs-utils-32bit >= 61-1.29.1
  • ecryptfs-utils-x86 >= 61-1.33.1
Patchnames:
slessp1-ecryptfs-utils
SUSE Linux Enterprise Server 11 SP2
  • ecryptfs-utils >= 61-1.29.1
  • ecryptfs-utils-32bit >= 61-1.29.1
  • ecryptfs-utils-x86 >= 61-1.29.1
Patchnames:
SUSE Linux Enterprise Server 11 SP2 GA ecryptfs-utils-32bit
SUSE Linux Enterprise Server 11 SP3
  • ecryptfs-utils >= 61-1.33.1
  • ecryptfs-utils-32bit >= 61-1.33.1
  • ecryptfs-utils-x86 >= 61-1.33.1
Patchnames:
SUSE Linux Enterprise Server 11 SP3 GA ecryptfs-utils-32bit
SUSE Linux Enterprise Server 11 SP4
  • ecryptfs-utils >= 61-1.33.1
  • ecryptfs-utils-32bit >= 61-1.33.1
  • ecryptfs-utils-x86 >= 61-1.33.1
Patchnames:
SUSE Linux Enterprise Server 11 SP4 GA ecryptfs-utils-32bit
SUSE Linux Enterprise Server 12
  • ecryptfs-utils >= 103-5.8
  • ecryptfs-utils-32bit >= 103-5.35
Patchnames:
SUSE Linux Enterprise Server 12 GA ecryptfs-utils
SUSE Linux Enterprise Server 12 SP1
  • ecryptfs-utils >= 103-5.35
  • ecryptfs-utils-32bit >= 103-5.35
Patchnames:
SUSE Linux Enterprise Server 12 SP1 GA ecryptfs-utils
SUSE Linux Enterprise Server 12 SP2
  • ecryptfs-utils >= 103-7.1
  • ecryptfs-utils-32bit >= 103-7.1
Patchnames:
SUSE Linux Enterprise Server 12 SP2 GA ecryptfs-utils
SUSE Linux Enterprise Server 12 SP3
  • ecryptfs-utils >= 103-7.1
  • ecryptfs-utils-32bit >= 103-7.1
Patchnames:
SUSE Linux Enterprise Server 12 SP3 GA ecryptfs-utils
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
  • ecryptfs-utils >= 103-7.1
Patchnames:
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 GA ecryptfs-utils
openSUSE 11.3
  • ecryptfs-utils-debuginfo >= 83-3.3.1
  • ecryptfs-utils-debuginfo-32bit >= 83-3.3.1
  • ecryptfs-utils-debugsource >= 83-3.3.1
openSUSE 11.3
  • ecryptfs-utils >= 83-3.3.1
  • ecryptfs-utils-32bit >= 83-3.3.1
openSUSE 11.4
  • ecryptfs-utils >= 83-6.7.1
  • ecryptfs-utils-32bit >= 83-6.7.1
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
  • ecryptfs-utils >= 61-1.29.1
sles11-sp1.ia64
sles11-sp1-vmware.x86
sled11-sp1.x86-64
sles11-sp1.x86
sles11-sp1.x86-64
sles11-sp1-vmware.x86-64
sled11-sp1.x86
sles11-sp1.ppc
sles11-sp1.s390x
SAT Patch Nr: 4956
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
  • ecryptfs-utils >= 61-1.29.1
  • ecryptfs-utils-32bit >= 61-1.29.1
sles11-sp1.ia64
sles11-sp1-vmware.x86
sled11-sp1.x86-64
sles11-sp1.x86
sles11-sp1.x86-64
sles11-sp1-vmware.x86-64
sled11-sp1.x86
sles11-sp1.ppc
sles11-sp1.s390x
SAT Patch Nr: 4956
SUSE Linux Enterprise Server 11 SP1
  • ecryptfs-utils >= 61-1.29.1
  • ecryptfs-utils-x86 >= 61-1.29.1
sles11-sp1.ia64
sles11-sp1-vmware.x86
sled11-sp1.x86-64
sles11-sp1.x86
sles11-sp1.x86-64
sles11-sp1-vmware.x86-64
sled11-sp1.x86
sles11-sp1.ppc
sles11-sp1.s390x
SAT Patch Nr: 4956
openSUSE 11.4
  • ecryptfs-utils >= 83-6.7.1
  • ecryptfs-utils-32bit >= 83-6.7.1
  • ecryptfs-utils-debuginfo >= 83-6.7.1
  • ecryptfs-utils-debuginfo-32bit >= 83-6.7.1
  • ecryptfs-utils-debugsource >= 83-6.7.1
Patchnames:
ecryptfs-utils
openSUSE Tumbleweed
  • ecryptfs-utils >= 108-2.5
  • ecryptfs-utils-32bit >= 108-2.5
  • ecryptfs-utils-devel >= 108-2.5
  • ecryptfs-utils-devel-32bit >= 108-2.5
  • libecryptfs1 >= 108-2.5
  • libecryptfs1-32bit >= 108-2.5
Patchnames:
openSUSE Tumbleweed GA ecryptfs-utils


Status of this issue by product and package

Product(s)                                        Source package  State
SUSE Linux Enterprise Desktop 11 SP1              ecryptfs-utils  Released
SUSE Linux Enterprise Desktop 11 SP2              ecryptfs-utils  Released
SUSE Linux Enterprise Desktop 11 SP3              ecryptfs-utils  Released
SUSE Linux Enterprise Desktop 11 SP4              ecryptfs-utils  Released
SUSE Linux Enterprise Server 11 SP1               ecryptfs-utils  Released
SUSE Linux Enterprise Server 11 SP1 LTSS          ecryptfs-utils  Released
SUSE Linux Enterprise Server 11 SP2               ecryptfs-utils  Released
SUSE Linux Enterprise Server 11 SP2 LTSS          ecryptfs-utils  Released
SUSE Linux Enterprise Server 11 SP3               ecryptfs-utils  Released
SUSE Linux Enterprise Server 11 SP3 LTSS          ecryptfs-utils  Released
SUSE Linux Enterprise Server 11 SP4               ecryptfs-utils  Released
SUSE Linux Enterprise Server for SAP 11 SP2       ecryptfs-utils  Released
SUSE Linux Enterprise Server for SAP AIO 11 SP1   ecryptfs-utils  Released
SUSE Linux Enterprise Server for SAP ES 11 SP1    ecryptfs-utils  Released