English
Français
Light
Dark
System

Alert System

Stay informed at all times
Create an account Open a free account Login Manage your alerts

eCryptfs-utils 90

CPE Details

eCryptfs-utils 90
ecryptfs
ecryptfs-utils
90
2020-06-25 10:58 +00:00
2020-06-25 10:58 +00:00
CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.
Alert management

CPE Name: cpe:2.3:a:ecryptfs:ecryptfs-utils:90:*:*:*:*:*:*:*

Informations

Vendor

ecryptfs

Product

ecryptfs-utils

Version

90

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2012-3409 2019-12-20 12:33 +00:00 ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation
7.8
HIGH
CVE-2015-8946 2016-07-22 12:00 +00:00 ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and certain versions of systemd, which allows local users to obtain sensitive information via unspecified vectors.
3.3
LOW
CVE-2016-6224 2016-07-22 12:00 +00:00 ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning on a (1) NVMe or (2) MMC drive, which allows local users to obtain sensitive information via unspecified vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8946.
3.3
LOW
CVE-2016-1572 2016-01-22 14:00 +00:00 mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid.
8.4
HIGH
CVE-2014-9687 2015-03-16 13:00 +00:00 eCryptfs 104 and earlier uses a default salt to encrypt the mount passphrase, which makes it easier for attackers to obtain user passwords via a brute force attack.
5

More information
Click on the button to the left (OFF), to authorize the inscription of cookie improving the functionalities of the site. Click on the button to the left (Accept all), to unauthorize the inscription of cookie improving the functionalities of the site.