CVE-2011-1089
published 2011-04-10CVE-2011-1089: The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab…
low3.3CVSS 3.1
AVLACMAuNCPIPAN
The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296.
Affected
118 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | cifs-utils | < cifs-utils 2:5.1-1 (bookworm) | cifs-utils 2:5.1-1 (bookworm) |
| debian | glibc | < glibc 2.13-8 (bookworm) | glibc 2.13-8 (bookworm) |
| debian | nfs-utils | < nfs-utils 1:1.2.3-3 (bookworm) | nfs-utils 1:1.2.3-3 (bookworm) |
| debian | open-vm-tools | < open-vm-tools 2:8.4.2+2011.08.21-471295-1 (bookworm) | open-vm-tools 2:8.4.2+2011.08.21-471295-1 (bookworm) |
| debian | samba | < cifs-utils 2:5.1-1 (bookworm) | cifs-utils 2:5.1-1 (bookworm) |
| debian | util-linux | < util-linux 2.20.1-1 (bookworm) | util-linux 2.20.1-1 (bookworm) |
| gnu | glibc | <= 2.13 | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
CVSS provenance
nvd3.3LOWAV:L/AC:M/Au:N/C:N/I:P/A:P
osv7.2HIGH