Vulnerability Details CVE-2011-4126
Race condition issues were found in Calibre at devices/linux_mount_helper.c allowing unprivileged users the ability to mount any device to anywhere.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.7%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 9.3
References
- https://bugs.launchpad.net/calibre/+bug/885027
- https://git.zx2c4.com/calibre-mount-helper-exploit/about/
- https://lwn.net/Articles/464824/
- https://www.openwall.com/lists/oss-security/2011/11/02/2
- https://bugs.launchpad.net/calibre/+bug/885027
- https://git.zx2c4.com/calibre-mount-helper-exploit/about/
- https://lwn.net/Articles/464824/
- https://www.openwall.com/lists/oss-security/2011/11/02/2
Products affected by CVE-2011-4126
-
cpe:2.3:a:calibre-ebook:calibre:-