Debian Ecryptfs-Utils vulnerabilities

15 known vulnerabilities affecting debian/ecryptfs-utils.

Total CVEs: 15
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 2, MEDIUM 4, LOW 9

Vulnerabilities

CVE-2016-1572 | HIGH | CVSS 8.4 | fixed in ecryptfs-utils 106-2 (bookworm) | 2016
mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid.
Scope: local
bookworm: resolved (fixed in 106-2); bullseye: resolved (fixed in 106-2); forky: resolved (fixed in 106-2); sid: resolved (fixed in 106-2)

CVE-2016-6224 | LOW | CVSS 3.3 | 2016
ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning on a (1) NVMe or (2) MMC drive, which allows local users to obtain sensitive information via unspecified vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8946.
Scope: local
bookworm: resolved bu

CVE-2015-8946 | LOW | CVSS 3.3 | fixed in ecryptfs-utils 111-1 (bookworm) | 2015
ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and certain versions of systemd, which allows local users to obtain sensitive information via unspecified vectors.
Scope: local
bookworm: resolved (fixed in 111-1); bullseye: resolved (fixed in 111-1); forky: resolved (

CVE-2014-9687 | MEDIUM | CVSS 5.0 | fixed in ecryptfs-utils 103-4 (bookworm) | 2014
eCryptfs 104 and earlier uses a default salt to encrypt the mount passphrase, which makes it easier for attackers to obtain user passwords via a brute force attack.
Scope: local
bookworm: resolved (fixed in 103-4); bullseye: resolved (fixed in 103-4); forky: resolved (fixed in 103-4); sid: resolved (fixed in 103-4); trixie: resolved (fixed in 103-4)

CVE-2012-3409 | HIGH | CVSS 7.8 | fixed in ecryptfs-utils 99-1 (bookworm) | 2012
ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation
Scope: local
bookworm: resolved (fixed in 99-1); bullseye: resolved (fixed in 99-1); forky: resolved (fixed in 99-1); sid: resolved (fixed in 99-1); trixie: resolved (fixed in 99-1)

CVE-2011-1831 | MEDIUM | CVSS 4.6 | fixed in ecryptfs-utils 92-1 (bookworm) | 2011
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call.
Scope: local
bookworm: resolved (fixed in 92-1); bullseye: resolved (fixed in 92-1); forky: resolved (fixed in 9

CVE-2011-1835 | MEDIUM | CVSS 4.4 | fixed in ecryptfs-utils 92-1 (bookworm) | 2011
The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps.
Scope: local
bookworm: resolved (fixed in 92-1); bullseye: resolved (fixed

CVE-2011-1836 | MEDIUM | CVSS 4.6 | fixed in ecryptfs-utils 92-1 (bookworm) | 2011
utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not establish a subdirectory with safe permissions, which might allow local users to bypass intended access restrictions via standard filesystem operations during the recovery process.
Scope: local
bookworm: resolved (fixed in 92-1); bullseye: resolved (fixed in 92-1); forky: resolved (fixed in 92-

CVE-2011-1834 | LOW | CVSS 2.1 | fixed in ecryptfs-utils 92-1 (bookworm) | 2011
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service (table corruption) or bypass intended unmounting restrictions via a umount system call.
Scope: local
bookworm: resolved (fixed in 92-1); bullseye: resolved (fixed in 92-1); forky: resolve

CVE-2011-1837 | LOW | CVSS 3.6 | fixed in ecryptfs-utils 92-1 (bookworm) | 2011
The lock-counter implementation in utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 allows local users to overwrite arbitrary files via unspecified vectors.
Scope: local
bookworm: resolved (fixed in 92-1); bullseye: resolved (fixed in 92-1); forky: resolved (fixed in 92-1); sid: resolved (fixed in 92-1); trixie: resolved (fixed in 92-1)

CVE-2011-1832 | LOW | CVSS 2.1 | fixed in ecryptfs-utils 92-1 (bookworm) | 2011
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call.
Scope: local
bookworm: resolved (fixed in 92-1); bullseye: resolved (fixed in 92-1); forky: resolved (fixed in 92-1); sid: resolved (fixed in 92-1); trixie: resolved (fixed in 92-1)

CVE-2011-3145 | LOW | CVSS 3.8 | fixed in ecryptfs-utils 92-1 (bookworm) | 2011
When mount.ecryptfs_private before version 87-0ubuntu1.2 calls setreuid() it doesn't also set the effective group id. So when it creates the new version, mtab.tmp, it's created with the group id of the user running mount.ecryptfs_private.
Scope: local
bookworm: resolved (fixed in 92-1); bullseye: resolved (fixed in 92-1); forky: resolved (fixed in 92-1); sid: resol

CVE-2011-1833 | LOW | CVSS 3.3 | fixed in ecryptfs-utils 92-1 (bookworm) | 2011
Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid.
Scope: local
bookworm: resolved (fixed in 92-1); bullseye: resolved (fixed in 92-1); forky: resolved (fixed in 92-1); sid: resolv

CVE-2009-1296 | LOW | CVSS 1.9 | fixed in ecryptfs-utils 75-2 (bookworm) | 2009
The eCryptfs support utilities (ecryptfs-utils) 73-0ubuntu6.1 on Ubuntu 9.04 stores the mount passphrase in installation logs, which might allow local users to obtain access to the filesystem by reading the log files from disk. NOTE: the log files are only readable by root.
Scope: local
bookworm: resolved (fixed in 75-2); bullseye: resolved (fixed in 75-2); forky:

CVE-2008-5188 | LOW | CVSS 7.2 | fixed in ecryptfs-utils 66-1 (bookworm) | 2008
[HIGH] The (1) ecryptfs-setup-private, (2) ecryptfs-setup-confidential, and (3) ecryptfs-setup-pam-wrapped.sh scripts in ecryptfs-utils 45 through 61 in eCryptfs place cleartext passwords on command lines, which allows local users to obtain sensitive information by listing the process.
Scope: local
bookworm: resolved (fixed in 66-1); bullseye: resolved (fixed in 66-1)