Description The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296.
CVSS vector AV:L/AC:M/C:P/I:P/A:N Exploitability: 3.4 | Impact: 4.9 Affected Packages2 packages
🔴 Vulnerability Details3 GHSA GHSA-h832-96qp-642g: The addmntent function in the GNU C Library (aka glibc or libc6) 2 ↗ 2022-05-17 ▶ OSV CVE-2011-1089: The addmntent function in the GNU C Library (aka glibc or libc6) 2 ↗ 2011-04-10 ▶ CVEList CVE-2011-1089: The addmntent function in the GNU C Library (aka glibc or libc6) 2 ↗ 2011-04-10 ▶
📋 Vendor Advisories6 Ubuntu GNU C Library vulnerabilities ↗ 2012-03-09 ▶ Red Hat nfs-utils: mount.nfs fails to anticipate RLIMIT_FSIZE ↗ 2011-04-19 ▶ Red Hat glibc: Suid mount helpers fail to anticipate RLIMIT_FSIZE ↗ 2011-03-03 ▶ Red Hat util-linux: mount fails to anticipate RLIMIT_FSIZE ↗ 2011-03-03 ▶ Red Hat samba/cifs-utils: mount.cifs and umount.cifs fail to anticipate RLIMIT_FSIZE ↗ 2011-03-03 ▶ Show 1 more
💬 Community4 Bugzilla CVE-2011-1749 nfs-utils: mount.nfs fails to anticipate RLIMIT_FSIZE ↗ 2011-04-19 ▶ Bugzilla CVE-2011-1675 util-linux: mount fails to anticipate RLIMIT_FSIZE ↗ 2011-04-12 ▶ Bugzilla CVE-2011-1679 ncpfs: ncpmount and ncpumount fail to anticipate RLIMIT_FSIZE ↗ 2011-04-12 ▶ Bugzilla CVE-2011-1089 glibc: Suid mount helpers fail to anticipate RLIMIT_FSIZE ↗ 2011-03-18 ▶