CVE-2011-1835

The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps.

Published: Feb 15, 2014
Updated: Apr 13, 2023
CVE: CVE-2011-1835
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.4
AV:L/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-255

Affected Software
References

Software	From	Fixed in
ecryptfs / ecryptfs-utils	68	68.x
ecryptfs / ecryptfs-utils	62	62.x
ecryptfs / ecryptfs-utils	74	74.x
ecryptfs / ecryptfs-utils	87	87.x
ecryptfs / ecryptfs-utils	82	82.x
ecryptfs / ecryptfs-utils	86	86.x
ecryptfs / ecryptfs-utils	80	80.x
ecryptfs / ecryptfs-utils	65	65.x
ecryptfs / ecryptfs-utils	79	79.x
ecryptfs / ecryptfs-utils	83	83.x
ecryptfs / ecryptfs-utils	72	72.x
ecryptfs / ecryptfs-utils	69	69.x
ecryptfs / ecryptfs-utils	63	63.x
ecryptfs / ecryptfs-utils	64	64.x
ecryptfs / ecryptfs_utils	60	60.x
ecryptfs / ecryptfs_utils	58	58.x
ecryptfs / ecryptfs-utils	70	70.x
ecryptfs / ecryptfs-utils	77	77.x
ecryptfs / ecryptfs_utils	61	61.x
ecryptfs / ecryptfs-utils	76	76.x
ecryptfs / ecryptfs-utils	75	75.x
ecryptfs / ecryptfs-utils	71	71.x
ecryptfs / ecryptfs-utils	85	85.x
ecryptfs / ecryptfs-utils	78	78.x
ecryptfs / ecryptfs-utils	-	89.x
ecryptfs / ecryptfs-utils	84	84.x
ecryptfs / ecryptfs-utils	67	67.x
ecryptfs / ecryptfs-utils	81	81.x
ecryptfs / ecryptfs-utils	73	73.x
ecryptfs / ecryptfs-utils	66	66.x
ecryptfs / ecryptfs_utils	59	59.x

Vulnerability Database

289,784

CVE-2011-1835