vulnerability note CVE-2012-3409
ecryptfs-utils: privilege elevation via suid/dev
Synthesis of the vulnerability
When the /sbin/mount.ecryptfs_private program is installed suid root, a local attacker can mount a USB device containing a suid root program, in order to gain administrator privileges.
Impacted products:
Fedora, Unix (platform).
740110, BID-54634, CVE-2012-3409, FEDORA-2012-11049, FEDORA-2012-11069, VIGILANCE-VUL-11789.
Description of the vulnerability
The ecryptfs-utils suite implements tools for encrypted Linux filesystems.
The /sbin/mount.ecryptfs_private program is often installed suid root, so that unprivileged users can mount their encrypted directories. However, it mounts the encrypted filesystem without the MS_NODEV and MS_NOSUID mount options. A suid root program located on that filesystem therefore keeps its privileges when executed, and device nodes on it are honoured.
When the /sbin/mount.ecryptfs_private program is installed suid root, a local attacker can therefore mount a USB device containing a suid root program, in order to gain administrator privileges.
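The practical check an administrator wants here is whether any ecryptfs mount on the system lacks the nosuid and nodev options. The script below is an added example written for this bulletin, not code from the Vigil@nce advisory or from ecryptfs-utils. It reads lines in /proc/mounts format (device, mount point, fstype, options, dump, pass), reports every ecryptfs mount whose option list is missing nosuid or nodev, and exits non-zero if it found one. The sample lines in SAMPLE_MOUNTS are constructed for the example; the paths, signatures and the field layout assumption are illustrative.

```shell
#!/bin/sh
# Added audit example: flag ecryptfs mounts that lack nosuid and/or nodev.
# Input is /proc/mounts format; assumption: fields are whitespace separated,
# fstype is field 3 and the comma separated option list is field 4.

# audit_mounts: reads /proc/mounts-style lines on stdin, prints one line per
# ecryptfs mount that is missing nosuid or nodev, returns 1 if any was found.
audit_mounts() {
    rc=0
    while read -r dev mnt fstype opts _rest; do
        # Only ecryptfs mounts are of interest for this bulletin.
        [ "$fstype" = "ecryptfs" ] || continue
        missing=""
        # Wrap the option list in commas so each option matches as a whole word.
        case ",$opts," in
            *,nosuid,*) ;;
            *) missing="nosuid" ;;
        esac
        case ",$opts," in
            *,nodev,*) ;;
            *) missing="${missing:+$missing,}nodev" ;;
        esac
        if [ -n "$missing" ]; then
            # A suid root binary on this mount would keep its privileges.
            printf '%s missing %s\n' "$mnt" "$missing"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample input: one hardened ecryptfs mount, one mounted the way
# the vulnerable mount.ecryptfs_private does it (no nosuid/nodev), and an
# unrelated tmpfs that the audit must ignore.
SAMPLE_MOUNTS='/home/alice/.Private /home/alice/Private ecryptfs rw,nosuid,nodev,relatime,ecryptfs_sig=0123456789abcdef 0 0
/media/usb/.Private /home/bob/Private ecryptfs rw,relatime,ecryptfs_sig=fedcba9876543210 0 0
tmpfs /run tmpfs rw,nosuid,nodev,mode=755 0 0'

# Usage on a live system (run as any user; /proc/mounts is world readable):
#   audit_mounts < /proc/mounts
# Usage on the constructed sample:
#   printf '%s\n' "$SAMPLE_MOUNTS" | audit_mounts
```

On an unpatched system the user-mounted ecryptfs entries show up without nosuid and nodev, exactly like the second sample line; after the fix they should carry both options. The check only looks at mount options, so it will not tell you whether a suid binary is actually present on the mount, only that one would be honoured if it were.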