CVE-2011-1836 — Ecryptfs-utils vulnerability
Severity
4.6MEDIUMNVD
EPSS
0.0%
top 85.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedFeb 15
Latest updateMay 17
Description
utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not establish a subdirectory with safe permissions, which might allow local users to bypass intended access restrictions via standard filesystem operations during the recovery process.
CVSS vector
AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4
Affected Packages4 packages
🔴Vulnerability Details
2GHSA▶
GHSA-5764-q5mh-rcg7: utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not establish a subdirectory with safe permissions, which might allow local users to b↗2022-05-17
OSV▶
CVE-2011-1836: utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not establish a subdirectory with safe permissions, which might allow local users to b↗2014-02-15
📋Vendor Advisories
3💬Community
3Bugzilla▶
CVE-2011-1836 ecryptfs-utils: ecryptfs-recover-private insecure permissions on the temporary mount point↗2011-08-16
Bugzilla▶
CVE-2011-1831 CVE-2011-1832 CVE-2011-1834 CVE-2011-1835 CVE-2011-1837 ecryptfs: multiple flaws to mount/umount arbitrary locations and possibly disclose confidential information↗2011-08-09
Bugzilla▶
CVE-2011-1831 CVE-2011-1832 CVE-2011-1834 CVE-2011-1835 CVE-2011-1836 CVE-2011-1837 ecryptfs: multiple flaws to mount/umount arbitrary locations and possibly disclose confidential information [fedora-↗2011-08-09