CVE-2016-1572 — HIGH (8.4) — White Hats Nepal

Q: How severe is CVE-2016-1572?

CVE-2016-1572 has been rated HIGH with a CVSS base score of 8.4/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2016-1572?

Check the references section above for vendor advisories and patch information. Affected products include: Ecryptfs Ecryptfs-Utils, Canonical Ubuntu Linux, Opensuse Leap, Opensuse Opensuse, Debian Debian Linux.

Vulnerability Description

mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid.

CVSS Score

8.4

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Ecryptfs	Ecryptfs-Utils	< 109
Canonical	Ubuntu Linux	12.04
Opensuse	Leap	42.1
Opensuse	Opensuse	13.1
Debian	Debian Linux	7.0
Fedoraproject	Fedora	22

Related Weaknesses (CWE)

CWE-269

References

http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177359.hMailing ListThird Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177396.hMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-01/msg00091.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-01/msg00118.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-02/msg00004.htmlMailing ListThird Party Advisory
http://www.debian.org/security/2016/dsa-3450PatchThird Party Advisory
http://www.openwall.com/lists/oss-security/2016/01/20/6Mailing ListThird Party Advisory
http://www.securitytracker.com/id/1034791Broken LinkThird Party AdvisoryVDB Entry
http://www.ubuntu.com/usn/USN-2876-1PatchThird Party Advisory
https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/870PatchThird Party Advisory
https://bugs.launchpad.net/ecryptfs/+bug/1530566Issue TrackingPatchThird Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177359.hMailing ListThird Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177396.hMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-01/msg00091.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-01/msg00118.htmlMailing ListThird Party Advisory

FAQ

What is CVE-2016-1572?

CVE-2016-1572 is a vulnerability with a CVSS score of 8.4 (HIGH). mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated ...

How severe is CVE-2016-1572?

CVE-2016-1572 has been rated HIGH with a CVSS base score of 8.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-1572?

Check the references section above for vendor advisories and patch information. Affected products include: Ecryptfs Ecryptfs-Utils, Canonical Ubuntu Linux, Opensuse Leap, Opensuse Opensuse, Debian Debian Linux.