Date: Thu, 1 Sep 2011 11:31:30 -0500
Synopsis: Moderate: ecryptfs-utils security update
Issue Date: 2011-08-31
CVE Numbers: CVE-2011-1831
CVE-2011-3145

eCryptfs is a stacked, cryptographic file system. It is transparent to
the underlying file system and provides per-file granularity.

The setuid mount.ecryptfs_private utility allows users to mount an
eCryptfs file system. This utility can only be run by users in the
"ecryptfs" group.

A race condition flaw was found in the way mount.ecryptfs_private
checked the permissions of a requested mount point when mounting an
encrypted file system. A local attacker could possibly use this flaw to
escalate their privileges by mounting over an arbitrary directory.
(CVE-2011-1831)

A race condition flaw in umount.ecryptfs_private could allow a local
attacker to unmount an arbitrary file system. (CVE-2011-1832)

It was found that mount.ecryptfs_private did not handle certain errors
correctly when updating the mtab (mounted file systems table) file,
allowing a local attacker to corrupt the mtab file and possibly unmount
an arbitrary file system. (CVE-2011-1834)

An insecure temporary file use flaw was found in the
ecryptfs-setup-private script. A local attacker could use this script to
insert their own key that will subsequently be used by a new user,
possibly giving the attacker access to the user's encrypted data if
existing file permissions allow access. (CVE-2011-1835)

A race condition flaw in mount.ecryptfs_private could allow a local
attacker to overwrite arbitrary files. (CVE-2011-1837)

A race condition flaw in the way temporary files were accessed in
mount.ecryptfs_private could allow a malicious, local user to make
arbitrary modifications to the mtab file. (CVE-2011-3145)

A race condition flaw was found in the way mount.ecryptfs_private
checked the permissions of the directory to mount. A local attacker
could use this flaw to mount (and then access) a directory they would
otherwise not have access to. Note: The fix for this issue is incomplete
until a kernel-space change is made. Future Scientific Linux 5 and 6
kernel updates will correct this issue. (CVE-2011-1833)

Users of ecryptfs-utils are advised to upgrade to these updated
packages, which contain backported patches to correct these issues.

SL5:
i386
ecryptfs-utils-75-5.el5_7.2.i386.rpm
ecryptfs-utils-debuginfo-75-5.el5_7.2.i386.rpm
ecryptfs-utils-devel-75-5.el5_7.2.i386.rpm
ecryptfs-utils-gui-75-5.el5_7.2.i386.rpm
x86_64
ecryptfs-utils-devel-75-5.el5_7.2.x86_64.rpm
ecryptfs-utils-debuginfo-75-5.el5_7.2.x86_64.rpm
ecryptfs-utils-debuginfo-75-5.el5_7.2.i386.rpm
ecryptfs-utils-gui-75-5.el5_7.2.x86_64.rpm
ecryptfs-utils-75-5.el5_7.2.x86_64.rpm
ecryptfs-utils-75-5.el5_7.2.i386.rpm
ecryptfs-utils-devel-75-5.el5_7.2.i386.rpm
SL6:
i386
ecryptfs-utils-python-82-6.el6_1.3.i686.rpm
ecryptfs-utils-devel-82-6.el6_1.3.i686.rpm
ecryptfs-utils-debuginfo-82-6.el6_1.3.i686.rpm
ecryptfs-utils-82-6.el6_1.3.i686.rpm
x86_64
ecryptfs-utils-devel-82-6.el6_1.3.x86_64.rpm
ecryptfs-utils-devel-82-6.el6_1.3.i686.rpm
ecryptfs-utils-debuginfo-82-6.el6_1.3.x86_64.rpm
ecryptfs-utils-debuginfo-82-6.el6_1.3.i686.rpm
ecryptfs-utils-82-6.el6_1.3.x86_64.rpm
ecryptfs-utils-82-6.el6_1.3.i686.rpm
ecryptfs-utils-python-82-6.el6_1.3.x86_64.rpm
- Scientific Linux Development Team
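
To check a host inventory against the package lists above, the following added example (not part of the original advisory or of ecryptfs-utils) decides whether an installed ecryptfs-utils package is at or above the fixed version-release for its Scientific Linux major release. It assumes input in the `name-version-release.arch` form printed by `rpm -q`, ignores epochs, and uses a simplified reimplementation of RPM's segment comparison; the function names are hypothetical.

```python
import re

# Fixed version-release per SL major release, taken from the advisory's package lists.
FIXED = {"el5": ("75", "5.el5_7.2"), "el6": ("82", "6.el6_1.3")}


def rpmvercmp(a, b):
    """Simplified rpmvercmp: compare digit/alpha segments left to right (no ~ or ^)."""
    sa = re.findall(r"\d+|[a-zA-Z]+", a)
    sb = re.findall(r"\d+|[a-zA-Z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)          # numeric segments compare as integers
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric segment is newer than alphabetic
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def parse_nvr(pkg):
    """Split 'name-version-release[.arch][.rpm]' into (name, version, release)."""
    pkg = re.sub(r"\.(i386|i686|x86_64|noarch)(\.rpm)?$", "", pkg)
    name, version, release = pkg.rsplit("-", 2)
    return name, version, release


def is_fixed(pkg):
    """True if pkg is at or above the fixed version-release for its el5/el6 release."""
    name, version, release = parse_nvr(pkg)
    dist = re.search(r"el\d+", release)
    if not name.startswith("ecryptfs-utils") or not dist or dist.group() not in FIXED:
        raise ValueError(f"not covered by this advisory: {pkg}")
    fix_ver, fix_rel = FIXED[dist.group()]
    # Version decides first; release is only consulted when versions are equal.
    return (rpmvercmp(version, fix_ver) or rpmvercmp(release, fix_rel)) >= 0


if __name__ == "__main__":
    # Constructed sample inventory: the first two entries are made-up older builds.
    for p in ["ecryptfs-utils-75-5.el5.x86_64",
              "ecryptfs-utils-82-6.el6.i686",
              "ecryptfs-utils-75-5.el5_7.2.i386.rpm",
              "ecryptfs-utils-python-82-6.el6_1.3.x86_64"]:
        print(p, "fixed" if is_fixed(p) else "NEEDS UPDATE")
```

On a live system, `rpm -q ecryptfs-utils` supplies the string to pass to `is_fixed`.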