ecryptfs-utils-82-6.AXS4.3
エラータID: AXSA:2011-680:01
リリース日:
2011/12/29 Thursday - 21:10
題名:
ecryptfs-utils-82-6.AXS4.3
影響のあるチャネル:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
High
Description:
eCryptfs is a stacked cryptographic filesystem that ships in Linux kernel versions 2.6.19 and above. This package provides the mount helper and supporting libraries to perform key management and mount functions.
Install ecryptfs-utils if you would like to mount eCryptfs.
Security issues fixed with this release:
CVE-2011-1831
CVE-2011-1832
CVE-2011-1834
CVE-2011-1835
CVE-2011-1837
CVE-2011-3145
No information available at the time of writing, please refer to the CVE links below.
解決策:
Update packages.
CVE:
CVE-2011-1831
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call.
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call.
CVE-2011-1832
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call.
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call.
CVE-2011-1834
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service (table corruption) or bypass intended unmounting restrictions via a umount system call.
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service (table corruption) or bypass intended unmounting restrictions via a umount system call.
CVE-2011-1835
The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps.
The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps.
CVE-2011-1837
The lock-counter implementation in utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 allows local users to overwrite arbitrary files via unspecified vectors.
The lock-counter implementation in utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 allows local users to overwrite arbitrary files via unspecified vectors.
CVE-2011-3145
When mount.ecrpytfs_private before version 87-0ubuntu1.2 calls setreuid() it doesn't also set the effective group id. So when it creates the new version, mtab.tmp, it's created with the group id of the user running mount.ecryptfs_private.
When mount.ecrpytfs_private before version 87-0ubuntu1.2 calls setreuid() it doesn't also set the effective group id. So when it creates the new version, mtab.tmp, it's created with the group id of the user running mount.ecryptfs_private.
追加情報:
From Asianux Server 4 SP1.
ダウンロード:
SRPMS
- ecryptfs-utils-82-6.AXS4.3.src.rpm
MD5: 01c88a2942e5b0a3c3e756bf5f587910
SHA-256: bfa17e452d257707be8aaef5bc3b79ef593b9e88f3fe717a63068ea7bebb3bf4
Size: 527.93 kB
Asianux Server 4 for x86
- ecryptfs-utils-82-6.AXS4.3.i686.rpm
MD5: 0cfbef32ae0bca23e22bf5de8eb8fa3d
SHA-256: ec4a1bff35034d661d5bc22c670f824208a382b6724aff3f491607e1c22a93df
Size: 146.38 kB
Asianux Server 4 for x86_64
- ecryptfs-utils-82-6.AXS4.3.x86_64.rpm
MD5: f79e1f3f8b062079a5d8850721f15703
SHA-256: aab554d81407cea126098bbd0bfd11ff9d04fdfcbb7d143063aa86b88224f0d4
Size: 146.05 kB - ecryptfs-utils-82-6.AXS4.3.i686.rpm
MD5: 0cfbef32ae0bca23e22bf5de8eb8fa3d
SHA-256: ec4a1bff35034d661d5bc22c670f824208a382b6724aff3f491607e1c22a93df
Size: 146.38 kB