CVE-2016-1572

NameCVE-2016-1572
Descriptionmount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-397-1, DSA-3450-1
NVD severitymedium (attack range: local)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
ecryptfs-utils (PTS)wheezy, wheezy (security)99-1+deb7u1fixed
jessie, jessie (security)103-5+deb8u1fixed
buster, sid, stretch111-4fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
ecryptfs-utilssource(unstable)106-2medium
ecryptfs-utilssourcejessie103-5+deb8u1mediumDSA-3450-1
ecryptfs-utilssourcesqueeze83-4+squeeze2mediumDLA-397-1
ecryptfs-utilssourcewheezy99-1+deb7u1mediumDSA-3450-1

Notes

https://bugs.launchpad.net/ecryptfs/+bug/1530566
https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/870

Search for package or bug name: Reporting problems