CVE-2016-1572Improper Privilege Management in Ecryptfs-utils

CWE-269Improper Privilege ManagementCWE-284Improper Access Control11 documents8 sources
Severity
8.4HIGHNVD
EPSS
0.0%
top 86.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Ecryptfs Ecryptfs-utilsDebian Ecryptfs-utilsCanonical Ubuntu Linux+4 more
Timeline
PublishedJan 22
Latest updateMay 13

Description

mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.5 | Impact: 5.9

Affected Packages6 packages

debiandebian/ecryptfs-utils< ecryptfs-utils 106-2 (bookworm)
Debianecryptfs/ecryptfs-utils< 106-2+3
Ubuntuecryptfs/ecryptfs-utils< 104-0ubuntu1.14.04.4
NVDopensuse/leap42.1

Also affects: Debian Linux 7.0, 8.0, Fedora 22, 23, Ubuntu Linux 12.04, 14.04, 15.04, 15.10

Patches

Patch: www.debian.orgPatch: www.ubuntu.comPatch: bazaar.launchpad.net

🔴Vulnerability Details

3
GHSA
GHSA-v495-vr49-324q: mount2022-05-13
OSV
CVE-2016-1572: mount2016-01-22
OSV
ecryptfs-utils vulnerability2016-01-20

📋Vendor Advisories

3
Ubuntu
eCryptfs vulnerability2016-01-20
Red Hat
ecryptfs-utils: privilege escalation by mounting over /proc/$pid2016-01-20
Debian
CVE-2016-1572: ecryptfs-utils - mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination f...2016

📄Research Papers

1
arXiv
The Security War in File Systems: An Empirical Study from A Vulnerability-Centric Perspective2022-04-26

💬Community

3
Bugzilla
CVE-2016-9646 ikiwiki: Commit metadata forgery2017-01-02
Bugzilla
CVE-2016-1572 ecryptfs-utils: privilege escalation by mounting over /proc/$pid [fedora-all]2016-01-21
Bugzilla
CVE-2016-1572 ecryptfs-utils: privilege escalation by mounting over /proc/$pid2016-01-21
CVE-2016-1572 — Improper Privilege Management | cvebase