Vulnerability Details CVE-2016-1572
mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.4%
CVSS Severity
CVSS v3 Score 8.4
CVSS v2 Score 4.6
References
- http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177359.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177396.html
- http://lists.opensuse.org/opensuse-updates/2016-01/msg00091.html
- http://lists.opensuse.org/opensuse-updates/2016-01/msg00118.html
- http://lists.opensuse.org/opensuse-updates/2016-02/msg00004.html
- http://www.debian.org/security/2016/dsa-3450
- http://www.openwall.com/lists/oss-security/2016/01/20/6
- http://www.securitytracker.com/id/1034791
- http://www.ubuntu.com/usn/USN-2876-1
- https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/870
- https://bugs.launchpad.net/ecryptfs/+bug/1530566
- http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177359.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177396.html
- http://lists.opensuse.org/opensuse-updates/2016-01/msg00091.html
- http://lists.opensuse.org/opensuse-updates/2016-01/msg00118.html
- http://lists.opensuse.org/opensuse-updates/2016-02/msg00004.html
- http://www.debian.org/security/2016/dsa-3450
- http://www.openwall.com/lists/oss-security/2016/01/20/6
- http://www.securitytracker.com/id/1034791
- http://www.ubuntu.com/usn/USN-2876-1
- https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/870
- https://bugs.launchpad.net/ecryptfs/+bug/1530566
Products affected by CVE-2016-1572
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:-
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:100
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:101
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:102
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:103
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:104
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:105
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:106
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:108
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:58
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:60
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:61
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:62
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:63
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:64
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:65
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:66
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:67
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:68
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:69
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:70
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:71
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:72
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:73
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:74
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:75
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:76
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:77
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:78
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:79
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:80
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:81
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:82
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:83
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:84
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:85
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:86
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:87
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:89
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:90
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:91
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:92
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:93
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:94
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:95
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:97
-
cpe:2.3:a:ecryptfs:ecryptfs-utils:99
-
cpe:2.3:o:canonical:ubuntu_linux:12.04
-
cpe:2.3:o:canonical:ubuntu_linux:14.04
-
cpe:2.3:o:canonical:ubuntu_linux:15.04
-
cpe:2.3:o:canonical:ubuntu_linux:15.10
-
cpe:2.3:o:debian:debian_linux:7.0
-
cpe:2.3:o:debian:debian_linux:8.0
-
cpe:2.3:o:fedoraproject:fedora:22
-
cpe:2.3:o:fedoraproject:fedora:23
-
cpe:2.3:o:opensuse:leap:42.1
-
cpe:2.3:o:opensuse:opensuse:13.1
-
cpe:2.3:o:opensuse:opensuse:13.2