csaf_redhat - rhsa-2012

rhsa-2012_0307

Vulnerability from csaf_redhat

Published

2012-02-21 02:21

Modified

2024-11-22 04:34

Summary

Red Hat Security Advisory: util-linux security, bug fix, and enhancement update

Notes

Topic

An updated util-linux package that fixes multiple security issues, various bugs, and adds two enhancements is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Details

The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, util-linux contains the fdisk configuration tool and the login program. Multiple flaws were found in the way the mount and umount commands performed mtab (mounted file systems table) file updates. A local, unprivileged user allowed to mount or unmount file systems could use these flaws to corrupt the mtab file and create a stale lock file, preventing other users from mounting and unmounting file systems. (CVE-2011-1675, CVE-2011-1677) This update also fixes the following bugs: * When the user logged into a telnet server, the login utility did not update the utmp database properly if the utility was executed from the telnetd daemon. This was due to telnetd not creating an appropriate entry in a utmp file before executing login. With this update, correct entries are created and the database is updated properly. (BZ#646300) * Various options were not described on the blockdev(8) manual page. With this update, the blockdev(8) manual page includes all the relevant options. (BZ#650937) * Prior to this update, the build process of the util-linux package failed in the po directory with the following error message: "@MKINSTALLDIRS@: No such file or directory". An upstream patch has been applied to address this issue, and the util-linux package now builds successfully. (BZ#677452) * Previously, the ipcs(1) and ipcrm(1) manual pages mentioned an invalid option, "-b". With this update, only valid options are listed on those manual pages. (BZ#678407) * Previously, the mount(8) manual page contained incomplete information about the ext4 and XFS file systems. With this update, the mount(8) manual page contains the missing information. (BZ#699639) In addition, this update adds the following enhancements: * Previously, if DOS mode was enabled on a device, the fdisk utility could report error messages similar to the following: Partition 1 has different physical/logical beginnings (non-Linux?): phys=(0, 1, 1) logical=(0, 2, 7) This update enables users to switch off DOS compatible mode (by specifying the "-c" option), and such error messages are no longer displayed. (BZ#678430) * This update adds the "fsfreeze" command which halts access to a file system on a disk. (BZ#726572) All users of util-linux are advised to upgrade to this updated package, which contains backported patches to correct these issues and add these enhancements.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Low"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An updated util-linux package that fixes multiple security issues, various\nbugs, and adds two enhancements is now available for Red Hat\nEnterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The util-linux package contains a large variety of low-level system\nutilities that are necessary for a Linux system to function. Among others,\nutil-linux contains the fdisk configuration tool and the login program.\n\nMultiple flaws were found in the way the mount and umount commands\nperformed mtab (mounted file systems table) file updates. A local,\nunprivileged user allowed to mount or unmount file systems could use these\nflaws to corrupt the mtab file and create a stale lock file, preventing\nother users from mounting and unmounting file systems. (CVE-2011-1675,\nCVE-2011-1677)\n\nThis update also fixes the following bugs:\n\n* When the user logged into a telnet server, the login utility did not\nupdate the utmp database properly if the utility was executed from the\ntelnetd daemon. This was due to telnetd not creating an appropriate entry\nin a utmp file before executing login. With this update, correct entries\nare created and the database is updated properly. (BZ#646300)\n\n* Various options were not described on the blockdev(8) manual page. With\nthis update, the blockdev(8) manual page includes all the relevant options.\n(BZ#650937)\n\n* Prior to this update, the build process of the util-linux package failed\nin the po directory with the following error message: \"@MKINSTALLDIRS@:\nNo such file or directory\". An upstream patch has been applied to address\nthis issue, and the util-linux package now builds successfully. (BZ#677452)\n\n* Previously, the ipcs(1) and ipcrm(1) manual pages mentioned an invalid\noption, \"-b\". With this update, only valid options are listed on those\nmanual pages. (BZ#678407)\n\n* Previously, the mount(8) manual page contained incomplete information\nabout the ext4 and XFS file systems. With this update, the mount(8) manual\npage contains the missing information. (BZ#699639)\n\nIn addition, this update adds the following enhancements:\n\n* Previously, if DOS mode was enabled on a device, the fdisk utility could\nreport error messages similar to the following:\n\nPartition 1 has different physical/logical beginnings (non-Linux?):\nphys=(0, 1, 1) logical=(0, 2, 7)\n\nThis update enables users to switch off DOS compatible mode (by specifying\nthe \"-c\" option), and such error messages are no longer displayed.\n(BZ#678430)\n\n* This update adds the \"fsfreeze\" command which halts access to a file\nsystem on a disk. (BZ#726572)\n\nAll users of util-linux are advised to upgrade to this updated package,\nwhich contains backported patches to correct these issues and add these\nenhancements.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2012:0307",
        "url": "https://access.redhat.com/errata/RHSA-2012:0307"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#low",
        "url": "https://access.redhat.com/security/updates/classification/#low"
      },
      {
        "category": "external",
        "summary": "650937",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=650937"
      },
      {
        "category": "external",
        "summary": "677452",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=677452"
      },
      {
        "category": "external",
        "summary": "678407",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678407"
      },
      {
        "category": "external",
        "summary": "695916",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=695916"
      },
      {
        "category": "external",
        "summary": "695924",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=695924"
      },
      {
        "category": "external",
        "summary": "699639",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=699639"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2012/rhsa-2012_0307.json"
      }
    ],
    "title": "Red Hat Security Advisory: util-linux security, bug fix, and enhancement update",
    "tracking": {
      "current_release_date": "2024-11-22T04:34:57+00:00",
      "generator": {
        "date": "2024-11-22T04:34:57+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2012:0307",
      "initial_release_date": "2012-02-21T02:21:00+00:00",
      "revision_history": [
        {
          "date": "2012-02-21T02:21:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2012-02-21T02:24:56+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T04:34:57+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                  "product_id": "5Client",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux (v. 5 server)",
                "product": {
                  "name": "Red Hat Enterprise Linux (v. 5 server)",
                  "product_id": "5Server",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::server"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "util-linux-debuginfo-0:2.13-0.59.el5.i386",
                "product": {
                  "name": "util-linux-debuginfo-0:2.13-0.59.el5.i386",
                  "product_id": "util-linux-debuginfo-0:2.13-0.59.el5.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/util-linux-debuginfo@2.13-0.59.el5?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "util-linux-0:2.13-0.59.el5.i386",
                "product": {
                  "name": "util-linux-0:2.13-0.59.el5.i386",
                  "product_id": "util-linux-0:2.13-0.59.el5.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/util-linux@2.13-0.59.el5?arch=i386"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "util-linux-debuginfo-0:2.13-0.59.el5.x86_64",
                "product": {
                  "name": "util-linux-debuginfo-0:2.13-0.59.el5.x86_64",
                  "product_id": "util-linux-debuginfo-0:2.13-0.59.el5.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/util-linux-debuginfo@2.13-0.59.el5?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "util-linux-0:2.13-0.59.el5.x86_64",
                "product": {
                  "name": "util-linux-0:2.13-0.59.el5.x86_64",
                  "product_id": "util-linux-0:2.13-0.59.el5.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/util-linux@2.13-0.59.el5?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "util-linux-0:2.13-0.59.el5.src",
                "product": {
                  "name": "util-linux-0:2.13-0.59.el5.src",
                  "product_id": "util-linux-0:2.13-0.59.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/util-linux@2.13-0.59.el5?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "util-linux-debuginfo-0:2.13-0.59.el5.ia64",
                "product": {
                  "name": "util-linux-debuginfo-0:2.13-0.59.el5.ia64",
                  "product_id": "util-linux-debuginfo-0:2.13-0.59.el5.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/util-linux-debuginfo@2.13-0.59.el5?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "util-linux-0:2.13-0.59.el5.ia64",
                "product": {
                  "name": "util-linux-0:2.13-0.59.el5.ia64",
                  "product_id": "util-linux-0:2.13-0.59.el5.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/util-linux@2.13-0.59.el5?arch=ia64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ia64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "util-linux-debuginfo-0:2.13-0.59.el5.ppc",
                "product": {
                  "name": "util-linux-debuginfo-0:2.13-0.59.el5.ppc",
                  "product_id": "util-linux-debuginfo-0:2.13-0.59.el5.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/util-linux-debuginfo@2.13-0.59.el5?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "util-linux-0:2.13-0.59.el5.ppc",
                "product": {
                  "name": "util-linux-0:2.13-0.59.el5.ppc",
                  "product_id": "util-linux-0:2.13-0.59.el5.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/util-linux@2.13-0.59.el5?arch=ppc"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "util-linux-debuginfo-0:2.13-0.59.el5.s390x",
                "product": {
                  "name": "util-linux-debuginfo-0:2.13-0.59.el5.s390x",
                  "product_id": "util-linux-debuginfo-0:2.13-0.59.el5.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/util-linux-debuginfo@2.13-0.59.el5?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "util-linux-0:2.13-0.59.el5.s390x",
                "product": {
                  "name": "util-linux-0:2.13-0.59.el5.s390x",
                  "product_id": "util-linux-0:2.13-0.59.el5.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/util-linux@2.13-0.59.el5?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-0:2.13-0.59.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:util-linux-0:2.13-0.59.el5.i386"
        },
        "product_reference": "util-linux-0:2.13-0.59.el5.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-0:2.13-0.59.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:util-linux-0:2.13-0.59.el5.ia64"
        },
        "product_reference": "util-linux-0:2.13-0.59.el5.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-0:2.13-0.59.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:util-linux-0:2.13-0.59.el5.ppc"
        },
        "product_reference": "util-linux-0:2.13-0.59.el5.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-0:2.13-0.59.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:util-linux-0:2.13-0.59.el5.s390x"
        },
        "product_reference": "util-linux-0:2.13-0.59.el5.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-0:2.13-0.59.el5.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:util-linux-0:2.13-0.59.el5.src"
        },
        "product_reference": "util-linux-0:2.13-0.59.el5.src",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-0:2.13-0.59.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:util-linux-0:2.13-0.59.el5.x86_64"
        },
        "product_reference": "util-linux-0:2.13-0.59.el5.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-debuginfo-0:2.13-0.59.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:util-linux-debuginfo-0:2.13-0.59.el5.i386"
        },
        "product_reference": "util-linux-debuginfo-0:2.13-0.59.el5.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-debuginfo-0:2.13-0.59.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:util-linux-debuginfo-0:2.13-0.59.el5.ia64"
        },
        "product_reference": "util-linux-debuginfo-0:2.13-0.59.el5.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-debuginfo-0:2.13-0.59.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:util-linux-debuginfo-0:2.13-0.59.el5.ppc"
        },
        "product_reference": "util-linux-debuginfo-0:2.13-0.59.el5.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-debuginfo-0:2.13-0.59.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:util-linux-debuginfo-0:2.13-0.59.el5.s390x"
        },
        "product_reference": "util-linux-debuginfo-0:2.13-0.59.el5.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-debuginfo-0:2.13-0.59.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:util-linux-debuginfo-0:2.13-0.59.el5.x86_64"
        },
        "product_reference": "util-linux-debuginfo-0:2.13-0.59.el5.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-0:2.13-0.59.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:util-linux-0:2.13-0.59.el5.i386"
        },
        "product_reference": "util-linux-0:2.13-0.59.el5.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-0:2.13-0.59.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:util-linux-0:2.13-0.59.el5.ia64"
        },
        "product_reference": "util-linux-0:2.13-0.59.el5.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-0:2.13-0.59.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:util-linux-0:2.13-0.59.el5.ppc"
        },
        "product_reference": "util-linux-0:2.13-0.59.el5.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-0:2.13-0.59.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:util-linux-0:2.13-0.59.el5.s390x"
        },
        "product_reference": "util-linux-0:2.13-0.59.el5.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-0:2.13-0.59.el5.src as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:util-linux-0:2.13-0.59.el5.src"
        },
        "product_reference": "util-linux-0:2.13-0.59.el5.src",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-0:2.13-0.59.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:util-linux-0:2.13-0.59.el5.x86_64"
        },
        "product_reference": "util-linux-0:2.13-0.59.el5.x86_64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-debuginfo-0:2.13-0.59.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:util-linux-debuginfo-0:2.13-0.59.el5.i386"
        },
        "product_reference": "util-linux-debuginfo-0:2.13-0.59.el5.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-debuginfo-0:2.13-0.59.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:util-linux-debuginfo-0:2.13-0.59.el5.ia64"
        },
        "product_reference": "util-linux-debuginfo-0:2.13-0.59.el5.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-debuginfo-0:2.13-0.59.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:util-linux-debuginfo-0:2.13-0.59.el5.ppc"
        },
        "product_reference": "util-linux-debuginfo-0:2.13-0.59.el5.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-debuginfo-0:2.13-0.59.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:util-linux-debuginfo-0:2.13-0.59.el5.s390x"
        },
        "product_reference": "util-linux-debuginfo-0:2.13-0.59.el5.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-debuginfo-0:2.13-0.59.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:util-linux-debuginfo-0:2.13-0.59.el5.x86_64"
        },
        "product_reference": "util-linux-debuginfo-0:2.13-0.59.el5.x86_64",
        "relates_to_product_reference": "5Server"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2011-1675",
      "discovery_date": "2011-03-01T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "695916"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "util-linux: mount fails to anticipate RLIMIT_FSIZE",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Client:util-linux-0:2.13-0.59.el5.i386",
          "5Client:util-linux-0:2.13-0.59.el5.ia64",
          "5Client:util-linux-0:2.13-0.59.el5.ppc",
          "5Client:util-linux-0:2.13-0.59.el5.s390x",
          "5Client:util-linux-0:2.13-0.59.el5.src",
          "5Client:util-linux-0:2.13-0.59.el5.x86_64",
          "5Client:util-linux-debuginfo-0:2.13-0.59.el5.i386",
          "5Client:util-linux-debuginfo-0:2.13-0.59.el5.ia64",
          "5Client:util-linux-debuginfo-0:2.13-0.59.el5.ppc",
          "5Client:util-linux-debuginfo-0:2.13-0.59.el5.s390x",
          "5Client:util-linux-debuginfo-0:2.13-0.59.el5.x86_64",
          "5Server:util-linux-0:2.13-0.59.el5.i386",
          "5Server:util-linux-0:2.13-0.59.el5.ia64",
          "5Server:util-linux-0:2.13-0.59.el5.ppc",
          "5Server:util-linux-0:2.13-0.59.el5.s390x",
          "5Server:util-linux-0:2.13-0.59.el5.src",
          "5Server:util-linux-0:2.13-0.59.el5.x86_64",
          "5Server:util-linux-debuginfo-0:2.13-0.59.el5.i386",
          "5Server:util-linux-debuginfo-0:2.13-0.59.el5.ia64",
          "5Server:util-linux-debuginfo-0:2.13-0.59.el5.ppc",
          "5Server:util-linux-debuginfo-0:2.13-0.59.el5.s390x",
          "5Server:util-linux-debuginfo-0:2.13-0.59.el5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2011-1675"
        },
        {
          "category": "external",
          "summary": "RHBZ#695916",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=695916"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2011-1675",
          "url": "https://www.cve.org/CVERecord?id=CVE-2011-1675"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-1675",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1675"
        }
      ],
      "release_date": "2011-03-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2012-02-21T02:21:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
          "product_ids": [
            "5Client:util-linux-0:2.13-0.59.el5.i386",
            "5Client:util-linux-0:2.13-0.59.el5.ia64",
            "5Client:util-linux-0:2.13-0.59.el5.ppc",
            "5Client:util-linux-0:2.13-0.59.el5.s390x",
            "5Client:util-linux-0:2.13-0.59.el5.src",
            "5Client:util-linux-0:2.13-0.59.el5.x86_64",
            "5Client:util-linux-debuginfo-0:2.13-0.59.el5.i386",
            "5Client:util-linux-debuginfo-0:2.13-0.59.el5.ia64",
            "5Client:util-linux-debuginfo-0:2.13-0.59.el5.ppc",
            "5Client:util-linux-debuginfo-0:2.13-0.59.el5.s390x",
            "5Client:util-linux-debuginfo-0:2.13-0.59.el5.x86_64",
            "5Server:util-linux-0:2.13-0.59.el5.i386",
            "5Server:util-linux-0:2.13-0.59.el5.ia64",
            "5Server:util-linux-0:2.13-0.59.el5.ppc",
            "5Server:util-linux-0:2.13-0.59.el5.s390x",
            "5Server:util-linux-0:2.13-0.59.el5.src",
            "5Server:util-linux-0:2.13-0.59.el5.x86_64",
            "5Server:util-linux-debuginfo-0:2.13-0.59.el5.i386",
            "5Server:util-linux-debuginfo-0:2.13-0.59.el5.ia64",
            "5Server:util-linux-debuginfo-0:2.13-0.59.el5.ppc",
            "5Server:util-linux-debuginfo-0:2.13-0.59.el5.s390x",
            "5Server:util-linux-debuginfo-0:2.13-0.59.el5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2012:0307"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 1.9,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "5Client:util-linux-0:2.13-0.59.el5.i386",
            "5Client:util-linux-0:2.13-0.59.el5.ia64",
            "5Client:util-linux-0:2.13-0.59.el5.ppc",
            "5Client:util-linux-0:2.13-0.59.el5.s390x",
            "5Client:util-linux-0:2.13-0.59.el5.src",
            "5Client:util-linux-0:2.13-0.59.el5.x86_64",
            "5Client:util-linux-debuginfo-0:2.13-0.59.el5.i386",
            "5Client:util-linux-debuginfo-0:2.13-0.59.el5.ia64",
            "5Client:util-linux-debuginfo-0:2.13-0.59.el5.ppc",
            "5Client:util-linux-debuginfo-0:2.13-0.59.el5.s390x",
            "5Client:util-linux-debuginfo-0:2.13-0.59.el5.x86_64",
            "5Server:util-linux-0:2.13-0.59.el5.i386",
            "5Server:util-linux-0:2.13-0.59.el5.ia64",
            "5Server:util-linux-0:2.13-0.59.el5.ppc",
            "5Server:util-linux-0:2.13-0.59.el5.s390x",
            "5Server:util-linux-0:2.13-0.59.el5.src",
            "5Server:util-linux-0:2.13-0.59.el5.x86_64",
            "5Server:util-linux-debuginfo-0:2.13-0.59.el5.i386",
            "5Server:util-linux-debuginfo-0:2.13-0.59.el5.ia64",
            "5Server:util-linux-debuginfo-0:2.13-0.59.el5.ppc",
            "5Server:util-linux-debuginfo-0:2.13-0.59.el5.s390x",
            "5Server:util-linux-debuginfo-0:2.13-0.59.el5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "util-linux: mount fails to anticipate RLIMIT_FSIZE"
    },
    {
      "cve": "CVE-2011-1677",
      "discovery_date": "2011-03-01T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "695924"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "util-linux: umount may fail to remove /etc/mtab~ lock file",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Client:util-linux-0:2.13-0.59.el5.i386",
          "5Client:util-linux-0:2.13-0.59.el5.ia64",
          "5Client:util-linux-0:2.13-0.59.el5.ppc",
          "5Client:util-linux-0:2.13-0.59.el5.s390x",
          "5Client:util-linux-0:2.13-0.59.el5.src",
          "5Client:util-linux-0:2.13-0.59.el5.x86_64",
          "5Client:util-linux-debuginfo-0:2.13-0.59.el5.i386",
          "5Client:util-linux-debuginfo-0:2.13-0.59.el5.ia64",
          "5Client:util-linux-debuginfo-0:2.13-0.59.el5.ppc",
          "5Client:util-linux-debuginfo-0:2.13-0.59.el5.s390x",
          "5Client:util-linux-debuginfo-0:2.13-0.59.el5.x86_64",
          "5Server:util-linux-0:2.13-0.59.el5.i386",
          "5Server:util-linux-0:2.13-0.59.el5.ia64",
          "5Server:util-linux-0:2.13-0.59.el5.ppc",
          "5Server:util-linux-0:2.13-0.59.el5.s390x",
          "5Server:util-linux-0:2.13-0.59.el5.src",
          "5Server:util-linux-0:2.13-0.59.el5.x86_64",
          "5Server:util-linux-debuginfo-0:2.13-0.59.el5.i386",
          "5Server:util-linux-debuginfo-0:2.13-0.59.el5.ia64",
          "5Server:util-linux-debuginfo-0:2.13-0.59.el5.ppc",
          "5Server:util-linux-debuginfo-0:2.13-0.59.el5.s390x",
          "5Server:util-linux-debuginfo-0:2.13-0.59.el5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2011-1677"
        },
        {
          "category": "external",
          "summary": "RHBZ#695924",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=695924"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2011-1677",
          "url": "https://www.cve.org/CVERecord?id=CVE-2011-1677"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-1677",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1677"
        }
      ],
      "release_date": "2011-03-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2012-02-21T02:21:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
          "product_ids": [
            "5Client:util-linux-0:2.13-0.59.el5.i386",
            "5Client:util-linux-0:2.13-0.59.el5.ia64",
            "5Client:util-linux-0:2.13-0.59.el5.ppc",
            "5Client:util-linux-0:2.13-0.59.el5.s390x",
            "5Client:util-linux-0:2.13-0.59.el5.src",
            "5Client:util-linux-0:2.13-0.59.el5.x86_64",
            "5Client:util-linux-debuginfo-0:2.13-0.59.el5.i386",
            "5Client:util-linux-debuginfo-0:2.13-0.59.el5.ia64",
            "5Client:util-linux-debuginfo-0:2.13-0.59.el5.ppc",
            "5Client:util-linux-debuginfo-0:2.13-0.59.el5.s390x",
            "5Client:util-linux-debuginfo-0:2.13-0.59.el5.x86_64",
            "5Server:util-linux-0:2.13-0.59.el5.i386",
            "5Server:util-linux-0:2.13-0.59.el5.ia64",
            "5Server:util-linux-0:2.13-0.59.el5.ppc",
            "5Server:util-linux-0:2.13-0.59.el5.s390x",
            "5Server:util-linux-0:2.13-0.59.el5.src",
            "5Server:util-linux-0:2.13-0.59.el5.x86_64",
            "5Server:util-linux-debuginfo-0:2.13-0.59.el5.i386",
            "5Server:util-linux-debuginfo-0:2.13-0.59.el5.ia64",
            "5Server:util-linux-debuginfo-0:2.13-0.59.el5.ppc",
            "5Server:util-linux-debuginfo-0:2.13-0.59.el5.s390x",
            "5Server:util-linux-debuginfo-0:2.13-0.59.el5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2012:0307"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 1.9,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "products": [
            "5Client:util-linux-0:2.13-0.59.el5.i386",
            "5Client:util-linux-0:2.13-0.59.el5.ia64",
            "5Client:util-linux-0:2.13-0.59.el5.ppc",
            "5Client:util-linux-0:2.13-0.59.el5.s390x",
            "5Client:util-linux-0:2.13-0.59.el5.src",
            "5Client:util-linux-0:2.13-0.59.el5.x86_64",
            "5Client:util-linux-debuginfo-0:2.13-0.59.el5.i386",
            "5Client:util-linux-debuginfo-0:2.13-0.59.el5.ia64",
            "5Client:util-linux-debuginfo-0:2.13-0.59.el5.ppc",
            "5Client:util-linux-debuginfo-0:2.13-0.59.el5.s390x",
            "5Client:util-linux-debuginfo-0:2.13-0.59.el5.x86_64",
            "5Server:util-linux-0:2.13-0.59.el5.i386",
            "5Server:util-linux-0:2.13-0.59.el5.ia64",
            "5Server:util-linux-0:2.13-0.59.el5.ppc",
            "5Server:util-linux-0:2.13-0.59.el5.s390x",
            "5Server:util-linux-0:2.13-0.59.el5.src",
            "5Server:util-linux-0:2.13-0.59.el5.x86_64",
            "5Server:util-linux-debuginfo-0:2.13-0.59.el5.i386",
            "5Server:util-linux-debuginfo-0:2.13-0.59.el5.ia64",
            "5Server:util-linux-debuginfo-0:2.13-0.59.el5.ppc",
            "5Server:util-linux-debuginfo-0:2.13-0.59.el5.s390x",
            "5Server:util-linux-debuginfo-0:2.13-0.59.el5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "util-linux: umount may fail to remove /etc/mtab~ lock file"
    }
  ]
}

cve-2011-1677

Vulnerability from cvelistv5

Published

2011-04-10 01:29

Modified

2024-08-06 22:37

Severity ?

Summary

mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors.

References

▼	URL	Tags
	http://openwall.com/lists/oss-security/2011/03/14/5	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/04/9	mailing-list, x_refsource_MLIST
	https://exchange.xforce.ibmcloud.com/vulnerabilities/66703	vdb-entry, x_refsource_XF
	http://openwall.com/lists/oss-security/2011/03/22/6	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/22/4	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/05/7	mailing-list, x_refsource_MLIST
	http://secunia.com/advisories/48114	third-party-advisory, x_refsource_SECUNIA
	https://bugzilla.redhat.com/show_bug.cgi?id=688980	x_refsource_MISC
	http://openwall.com/lists/oss-security/2011/03/07/9	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/04/01/2	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/04/10	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/14/16	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/31/4	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/04/12	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/14/7	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/04/11	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/05/3	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/31/3	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/15/6	mailing-list, x_refsource_MLIST
	http://www.redhat.com/support/errata/RHSA-2011-1691.html	vendor-advisory, x_refsource_REDHAT

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:37:24.861Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/14/5"
          },
          {
            "name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/04/9"
          },
          {
            "name": "utillinux-mount-unspecified(66703)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66703"
          },
          {
            "name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/22/6"
          },
          {
            "name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/22/4"
          },
          {
            "name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/05/7"
          },
          {
            "name": "48114",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48114"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
          },
          {
            "name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/07/9"
          },
          {
            "name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/04/01/2"
          },
          {
            "name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/04/10"
          },
          {
            "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/14/16"
          },
          {
            "name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/31/4"
          },
          {
            "name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/04/12"
          },
          {
            "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/14/7"
          },
          {
            "name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/04/11"
          },
          {
            "name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/05/3"
          },
          {
            "name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/31/3"
          },
          {
            "name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/15/6"
          },
          {
            "name": "RHSA-2011:1691",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-1691.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-03-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-09T17:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/14/5"
        },
        {
          "name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/04/9"
        },
        {
          "name": "utillinux-mount-unspecified(66703)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66703"
        },
        {
          "name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/22/6"
        },
        {
          "name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/22/4"
        },
        {
          "name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/05/7"
        },
        {
          "name": "48114",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48114"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
        },
        {
          "name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/07/9"
        },
        {
          "name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/04/01/2"
        },
        {
          "name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/04/10"
        },
        {
          "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/14/16"
        },
        {
          "name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/31/4"
        },
        {
          "name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/04/12"
        },
        {
          "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/14/7"
        },
        {
          "name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/04/11"
        },
        {
          "name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/05/3"
        },
        {
          "name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/31/3"
        },
        {
          "name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/15/6"
        },
        {
          "name": "RHSA-2011:1691",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-1691.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-1677",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/14/5"
            },
            {
              "name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/04/9"
            },
            {
              "name": "utillinux-mount-unspecified(66703)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66703"
            },
            {
              "name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/22/6"
            },
            {
              "name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/22/4"
            },
            {
              "name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/05/7"
            },
            {
              "name": "48114",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48114"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=688980",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
            },
            {
              "name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/07/9"
            },
            {
              "name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/04/01/2"
            },
            {
              "name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/04/10"
            },
            {
              "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/14/16"
            },
            {
              "name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/31/4"
            },
            {
              "name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/04/12"
            },
            {
              "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/14/7"
            },
            {
              "name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/04/11"
            },
            {
              "name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/05/3"
            },
            {
              "name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/31/3"
            },
            {
              "name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/15/6"
            },
            {
              "name": "RHSA-2011:1691",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-1691.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-1677",
    "datePublished": "2011-04-10T01:29:00",
    "dateReserved": "2011-04-09T00:00:00",
    "dateUpdated": "2024-08-06T22:37:24.861Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2011-1675

Vulnerability from cvelistv5

Published

2011-04-10 01:29

Modified

2024-08-06 22:37

Severity ?

Summary

mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.

References

▼	URL	Tags
	http://openwall.com/lists/oss-security/2011/03/14/5	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/04/9	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/22/6	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/22/4	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/05/7	mailing-list, x_refsource_MLIST
	http://secunia.com/advisories/48114	third-party-advisory, x_refsource_SECUNIA
	https://bugzilla.redhat.com/show_bug.cgi?id=688980	x_refsource_MISC
	http://openwall.com/lists/oss-security/2011/03/07/9	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/04/01/2	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/04/10	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/14/16	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/31/4	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/04/12	mailing-list, x_refsource_MLIST
	https://exchange.xforce.ibmcloud.com/vulnerabilities/66705	vdb-entry, x_refsource_XF
	http://openwall.com/lists/oss-security/2011/03/14/7	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/04/11	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/05/3	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/31/3	mailing-list, x_refsource_MLIST
	http://openwall.com/lists/oss-security/2011/03/15/6	mailing-list, x_refsource_MLIST
	http://www.redhat.com/support/errata/RHSA-2011-1691.html	vendor-advisory, x_refsource_REDHAT

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:37:25.594Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/14/5"
          },
          {
            "name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/04/9"
          },
          {
            "name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/22/6"
          },
          {
            "name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/22/4"
          },
          {
            "name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/05/7"
          },
          {
            "name": "48114",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48114"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
          },
          {
            "name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/07/9"
          },
          {
            "name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/04/01/2"
          },
          {
            "name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/04/10"
          },
          {
            "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/14/16"
          },
          {
            "name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/31/4"
          },
          {
            "name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/04/12"
          },
          {
            "name": "utillinux-mtab-security-bypass(66705)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66705"
          },
          {
            "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/14/7"
          },
          {
            "name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/04/11"
          },
          {
            "name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/05/3"
          },
          {
            "name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/31/3"
          },
          {
            "name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/15/6"
          },
          {
            "name": "RHSA-2011:1691",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-1691.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-03-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-09T17:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/14/5"
        },
        {
          "name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/04/9"
        },
        {
          "name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/22/6"
        },
        {
          "name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/22/4"
        },
        {
          "name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/05/7"
        },
        {
          "name": "48114",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48114"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
        },
        {
          "name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/07/9"
        },
        {
          "name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/04/01/2"
        },
        {
          "name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/04/10"
        },
        {
          "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/14/16"
        },
        {
          "name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/31/4"
        },
        {
          "name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/04/12"
        },
        {
          "name": "utillinux-mtab-security-bypass(66705)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66705"
        },
        {
          "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/14/7"
        },
        {
          "name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/04/11"
        },
        {
          "name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/05/3"
        },
        {
          "name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/31/3"
        },
        {
          "name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/15/6"
        },
        {
          "name": "RHSA-2011:1691",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-1691.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-1675",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/14/5"
            },
            {
              "name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/04/9"
            },
            {
              "name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/22/6"
            },
            {
              "name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/22/4"
            },
            {
              "name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/05/7"
            },
            {
              "name": "48114",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48114"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=688980",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
            },
            {
              "name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/07/9"
            },
            {
              "name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/04/01/2"
            },
            {
              "name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/04/10"
            },
            {
              "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/14/16"
            },
            {
              "name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/31/4"
            },
            {
              "name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/04/12"
            },
            {
              "name": "utillinux-mtab-security-bypass(66705)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66705"
            },
            {
              "name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/14/7"
            },
            {
              "name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/04/11"
            },
            {
              "name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/05/3"
            },
            {
              "name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/31/3"
            },
            {
              "name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/03/15/6"
            },
            {
              "name": "RHSA-2011:1691",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-1691.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-1675",
    "datePublished": "2011-04-10T01:29:00",
    "dateReserved": "2011-04-09T00:00:00",
    "dateUpdated": "2024-08-06T22:37:25.594Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

rhsa-2012_0307

Vulnerability from csaf_redhat

cve-2011-1677

Vulnerability from cvelistv5

cve-2011-1675

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature