CVE-2011-3145

When mount.ecrpytfs_private before version 87-0ubuntu1.2 calls setreuid() it doesn't also set the effective group id. So when it creates the new version, mtab.tmp, it's created with the group id of the user running mount.ecryptfs_private.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:mount.ecrpytfs_private_project:mount.ecrpytfs_private:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-04-22 16:29

Updated : 2024-02-28 17:08


NVD link : CVE-2011-3145

Mitre link : CVE-2011-3145

CVE.ORG link : CVE-2011-3145


JSON object : View

Products Affected

mount.ecrpytfs_private_project

  • mount.ecrpytfs_private
CWE
CWE-254

7PK - Security Features