ArchLinux: 201601-25: ecryptfs-utils: privilege escalation
Summary
An unprivileged user can mount an ecryptfs over /proc/$pid because, according to stat(), it is a normal directory owned by the user. However, the user is not actually permitted to create arbitrary directory entries in /proc/$pid, and this ecryptfs behaviour may enable privilege-escalation attacks with the help of other programs that use procfs.
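As an added defender-side check (not part of this advisory or of ecryptfs-utils), the following script parses /proc/self/mountinfo and flags any ecryptfs mount whose mount point lies under /proc, the condition the summary describes. The sample mountinfo lines are constructed, and the function and variable names are this example's own.

```python
"""Flag ecryptfs mounts placed under /proc by parsing mountinfo (proc(5) format)."""
import re

# Constructed sample in /proc/self/mountinfo format:
# id parent major:minor root mountpoint options [optional...] - fstype source superopts
SAMPLE_MOUNTINFO = """\
22 0 8:1 / / rw,relatime - ext4 /dev/sda1 rw
23 22 0:4 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
45 22 0:39 / /home/alice/Private rw,nosuid,nodev,relatime - ecryptfs /home/alice/.Private rw,ecryptfs_sig=abcd
46 23 0:40 / /proc/4242 rw,nosuid,nodev,relatime - ecryptfs /home/alice/.Private rw,ecryptfs_sig=abcd
47 22 0:41 / /tmp/with\\040space rw - ecryptfs /home/bob/.Private rw
"""


def _unescape(field: str) -> str:
    # mountinfo encodes space, tab, newline and backslash as \ooo octal escapes
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)


def parse_mountinfo(text: str):
    """Return a list of dicts with id, parent, mountpoint, fstype and source per mount."""
    mounts = []
    for line in text.splitlines():
        pre, sep, post = line.partition(" - ")  # first bare '-' separates the two halves
        pre_fields, post_fields = pre.split(), post.split()
        if not sep or len(pre_fields) < 6 or len(post_fields) < 2:
            continue  # blank or malformed line
        mounts.append({
            "id": int(pre_fields[0]),
            "parent": int(pre_fields[1]),
            "mountpoint": _unescape(pre_fields[4]),
            "fstype": post_fields[0],
            "source": _unescape(post_fields[1]),
        })
    return mounts


def ecryptfs_mounts_under(text: str, root: str = "/proc"):
    """Mount points of ecryptfs mounts located at or below `root`."""
    hits = []
    for m in parse_mountinfo(text):
        mp = m["mountpoint"]
        if m["fstype"] == "ecryptfs" and (mp == root or mp.startswith(root + "/")):
            hits.append(mp)
    return hits


if __name__ == "__main__":
    try:
        with open("/proc/self/mountinfo") as f:
            data = f.read()  # live system view when available
    except OSError:
        data = SAMPLE_MOUNTINFO  # fall back to the constructed sample
    for mp in ecryptfs_mounts_under(data):
        print("ecryptfs mounted over a procfs path:", mp)
```

Run against the constructed sample it reports only /proc/4242; on a live host an empty result is the expected state after the fix.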
Resolution
Upgrade to 108-2.
# pacman -Syu "ecryptfs-utils>=108-2"
The problem has been fixed upstream and the patch has been applied.
References
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1572
https://bugs.launchpad.net/ecryptfs/+bug/1530566
https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/870
Workaround
None.