Launchpad.net

CVE 2016-1572

mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid.

Related bugs and status

CVE-2016-1572 (Candidate) is related to these bugs:

Bug #1530566: privilege escalation by mounting over /proc/$pid

		In	Importance	Status
1530566	privilege escalation by mounting over /proc/$pid	eCryptfs	High	Fix Committed
1530566	privilege escalation by mounting over /proc/$pid	ecryptfs-utils (Ubuntu)	High	Fix Released
1530566	privilege escalation by mounting over /proc/$pid	ecryptfs-utils (Ubuntu Vivid)	High	Fix Released
1530566	privilege escalation by mounting over /proc/$pid	ecryptfs-utils (Ubuntu Trusty)	High	Fix Released
1530566	privilege escalation by mounting over /proc/$pid	ecryptfs-utils (Ubuntu Xenial)	High	Fix Released
1530566	privilege escalation by mounting over /proc/$pid	ecryptfs-utils (Ubuntu Precise)	High	Fix Released
1530566	privilege escalation by mounting over /proc/$pid	ecryptfs-utils (Ubuntu Wily)	High	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2016-1572

Related bugs and status

Related bugs

References