Ecryptfs

ecryptfs

12 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (12)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2012-3409 2Debian Ecryptfs 2Debian Linux Ecryptfs Utils Nov 21, 2024 Dec 20, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation
CVE-2016-6224 2Canonical Ecryptfs 2Ecryptfs Utils Ubuntu Linux May 6, 2026 Jul 22, 2016 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning on a (1) NVMe or (2) MMC drive, which allows local users to obtain sensitive informa...Show more ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning on a (1) NVMe or (2) MMC drive, which allows local users to obtain sensitive information via unspecified vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8946.Show less
CVE-2015-8946 2Canonical Ecryptfs 2Ecryptfs Utils Ubuntu Linux May 6, 2026 Jul 22, 2016 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and certain versions of systemd, which allows local users to obtain sensi...Show more ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and certain versions of systemd, which allows local users to obtain sensitive information via unspecified vectors.Show less
CVE-2016-1572 5Canonical DebianEcryptfs+2 more 6Debian Linux Ecryptfs UtilsFedora+3 more May 6, 2026 Jan 22, 2016 N/A· v4 8.4 HIGH· v3 4.6 MEDIUM· v2 mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid.
CVE-2014-9687 1Ecryptfs 1Ecryptfs Utils May 6, 2026 Mar 16, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 eCryptfs 104 and earlier uses a default salt to encrypt the mount passphrase, which makes it easier for attackers to obtain user passwords via a brute force attack.
CVE-2011-1837 1Ecryptfs 1Ecryptfs Utils Apr 29, 2026 Feb 15, 2014 N/A· v4 N/A· v3 3.6 LOW· v2 The lock-counter implementation in utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 allows local users to overwrite arbitrary files via unspecified vectors.
CVE-2011-1836 1Ecryptfs 1Ecryptfs Utils Apr 29, 2026 Feb 15, 2014 N/A· v4 N/A· v3 4.6 MEDIUM· v2 utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not establish a subdirectory with safe permissions, which might allow local users to bypass intended access restrictions via standard filesystem operations...Show more utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not establish a subdirectory with safe permissions, which might allow local users to bypass intended access restrictions via standard filesystem operations during the recovery process.Show less
CVE-2011-1835 1Ecryptfs 1Ecryptfs Utils Apr 29, 2026 Feb 15, 2014 N/A· v4 N/A· v3 4.4 MEDIUM· v2 The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended acc...Show more The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps.Show less
CVE-2011-1834 1Ecryptfs 1Ecryptfs Utils Apr 29, 2026 Feb 15, 2014 N/A· v4 N/A· v3 2.1 LOW· v2 utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service (table corruption) or bypass intended unm...Show more utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service (table corruption) or bypass intended unmounting restrictions via a umount system call.Show less
CVE-2011-1832 1Ecryptfs 1Ecryptfs Utils Apr 29, 2026 Feb 15, 2014 N/A· v4 N/A· v3 2.1 LOW· v2 utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call.
CVE-2011-1831 1Ecryptfs 1Ecryptfs Utils Apr 29, 2026 Feb 15, 2014 N/A· v4 N/A· v3 4.6 MEDIUM· v2 utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and consequently gain privil...Show more utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call.Show less
CVE-2008-5188 1Ecryptfs 1Ecryptfs Utils Apr 23, 2026 Nov 21, 2008 N/A· v4 N/A· v3 7.2 HIGH· v2 The (1) ecryptfs-setup-private, (2) ecryptfs-setup-confidential, and (3) ecryptfs-setup-pam-wrapped.sh scripts in ecryptfs-utils 45 through 61 in eCryptfs place cleartext passwords on command lines, which allows local us...Show more The (1) ecryptfs-setup-private, (2) ecryptfs-setup-confidential, and (3) ecryptfs-setup-pam-wrapped.sh scripts in ecryptfs-utils 45 through 61 in eCryptfs place cleartext passwords on command lines, which allows local users to obtain sensitive information by listing the process.Show less