Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -5 articles for you...
172
security advisorymoderatevulnerabilityUbuntu 15.10 USN-2876-1: Moderate eCryptfs Program Escalation
mount.ecryptfs_private could be used to run programs as an administrator.. =========================================================================Ubuntu Security Notice USN-2876-1 January 20, 2016 ecryptfs-utils vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 15.10 - Ubuntu 15.04 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS Summary: mount.ecryptfs_private could be used to run programs as an administrator. Software Description: - ecryptfs-utils: eCryptfs cryptographic filesystem utilities Details: Jann Horn discovered that mount.ecryptfs_private would mount over certain directories in the proc filesystem. A local attacker could use this to escalate their privileges. (CVE-2016-1572) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 15.10: ecryptfs-utils 108-0ubuntu1.1 Ubuntu 15.04: ecryptfs-utils 107-0ubuntu1.3 Ubuntu 14.04 LTS: ecryptfs-utils 104-0ubuntu1.14.04.4 Ubuntu 12.04 LTS: ecryptfs-utils 96-0ubuntu3.5 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-2876-1 CVE-2016-1572 Package Information: https://launchpad.net/ubuntu/+source/ecryptfs-utils/108-0ubuntu1.1 https://launchpad.net/ubuntu/+source/ecryptfs-utils/107-0ubuntu1.3 https://launchpad.net/ubuntu/+source/ecryptfs-utils/104-0ubuntu1.14.04.4 https://launchpad.net/ubuntu/+source/ecryptfs-utils/96-0ubuntu3.5 . The Ubuntu Security Advisory USN-2876-1 details a vulnerability in ecryptfs-utils that could lead to local privilege escalation. Continuing on, discover the implications.. ecryptfs issue, ubuntu update, ecryptfs-utils, security notice, privilege escalation. . Severity: Important. LinuxSecurity.com Team
Jan 20, 2016
•Important
Ubuntu
172
security advisorymoderateubuntuUbuntu 14.04 LTS USN-2524-1 Moderate: eCryptfs Access Issue
Sensitive information in encrypted home and Private directories could beexposed if an attacker gained access to your files.. =========================================================================Ubuntu Security Notice USN-2524-1 March 11, 2015 ecryptfs-utils vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.10 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS - Ubuntu 10.04 LTS Summary: Sensitive information in encrypted home and Private directories could be exposed if an attacker gained access to your files. Software Description: - ecryptfs-utils: eCryptfs cryptographic filesystem utilities Details: Sylvain Pelissier discovered that eCryptfs did not generate a random salt when encrypting the mount passphrase with the login password. An attacker could use this issue to discover the login password used to protect the mount passphrase and gain unintended access to the encrypted files. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.10: ecryptfs-utils 104-0ubuntu1.14.10.3 libecryptfs0 104-0ubuntu1.14.10.3 Ubuntu 14.04 LTS: ecryptfs-utils 104-0ubuntu1.14.04.3 libecryptfs0 104-0ubuntu1.14.04.3 Ubuntu 12.04 LTS: ecryptfs-utils 96-0ubuntu3.4 libecryptfs0 96-0ubuntu3.4 Ubuntu 10.04 LTS: ecryptfs-utils 83-0ubuntu3.2.10.04.6 libecryptfs0 83-0ubuntu3.2.10.04.6 After a standard system update you need to log out of all sessions and then log back in to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-2524-1 CVE-2014-9687 Package Information: https://launchpad.net/ubuntu/+source/ecryptfs-utils/104-0ubuntu1.14.10.3 https://launchpad.net/ubuntu/+source/ecryptfs-utils/104-0ubuntu1.14.04.3 https://launchpad.net/ubuntu/+source/ecryptfs-utils/96-0ubuntu3.4 https://launchpad.net/ubuntu/+source/ecryptfs-utils/83-0ubuntu3.2.10.04.6 . A potential flaw in Ubuntu's eCryptfs could lead to risks where unauthorized users may access encrypted files. Please apply updates to safeguard your data.. ecryptfs Security, Encrypted Directories, Ubuntu Update. . Severity: Important. LinuxSecurity.com Team
Mar 11, 2015
•Important
Ubuntu
172
security advisorydenial of servicecriticalUbuntu 11.04 USN-1196-1 Critical: eCryptfs Denial Of Service
An attacker could use eCryptfs to unmount arbitrary locations and cause a denial of service.. =========================================================================Ubuntu Security Notice USN-1196-1 August 23, 2011 ecryptfs-utils vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS Summary: An attacker could use eCryptfs to unmount arbitrary locations and cause a denial of service. Software Description: - ecryptfs-utils: ecryptfs cryptographic filesystem (utilities) Details: It was discovered that eCryptfs incorrectly handled permissions when modifying the mtab file. A local attacker could use this flaw to manipulate the mtab file, and possibly unmount arbitrary locations, leading to a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.04: ecryptfs-utils 87-0ubuntu1.2 Ubuntu 10.10: ecryptfs-utils 83-0ubuntu3.2.10.10.2 Ubuntu 10.04 LTS: ecryptfs-utils 83-0ubuntu3.2.10.04.2 In general, a standard system update will make all the necessary changes. References: CVE-2011-3145 Package Information: https://launchpad.net/ubuntu/+source/ecryptfs-utils/87-0ubuntu1.2 https://launchpad.net/ubuntu/+source/ecryptfs-utils/83-0ubuntu3.2.10.10.2 https://launchpad.net/ubuntu/+source/ecryptfs-utils/83-0ubuntu3.2.10.04.2 . A security flaw in the implementation of eCryptfs may allow an assailant to leverage configuration errors, resulting in potential downtime on Ubuntu platforms. Immediate patching recommended.. eCryptfs Vulnerability, Denial of Service, Ubuntu 11.04, ecryptfs-utils Patch. . Severity: Critical. LinuxSecurity.com Team
Aug 23, 2011
•Critical
Ubuntu
172
security advisorysecurity updatecriticalUbuntu 9.04 USN-783-1 Security Alert: Critical eCryptfs Privacy Issue
Chris Jones discovered that the eCryptfs support utilities wouldreport the mount passphrase into installation logs when an eCryptfshome directory was selected during Ubuntu installation. The logs areonly readable by the root user, but this still left the mount passphraseunencrypted on disk, potentially leading to a loss of privacy. [More...]. ==========================================================Ubuntu Security Notice USN-783-1 June 08, 2009 ecryptfs-utils vulnerability CVE-2009-1296 ========================================================== A security issue affects the following Ubuntu releases: Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 9.04: ecryptfs-utils 73-0ubuntu6.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Chris Jones discovered that the eCryptfs support utilities would report the mount passphrase into installation logs when an eCryptfs home directory was selected during Ubuntu installation. The logs are only readable by the root user, but this still left the mount passphrase unencrypted on disk, potentially leading to a loss of privacy. Updated packages for Ubuntu 9.04: Source archives: Size/MD5: 12184 7f965e34c9eb44ceae0bafc65a3cc434 Size/MD5: 1707 d12ca96dd31ab19e559d8e4a86052b4c Size/MD5: 504056 cd1c344b4cabf16971a405db353cb5cd amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 102032 cb22885adb2b4cab782ef18167fc94c6 Size/MD5: 62688 be22d84e388e0dbecf4286ccdd829fb1 Size/MD5: 68838 fe8104a4a5e469c6bd57378c5c0c40b2 i386 architecture (x86 compatible Intel/AMD): Size/MD5: 96908 e737d11e4132c59d2ab3b97257010ebe Size/MD5: 56284 d02501ddb287e2e32422570228ebc6a6 Size/MD5: 65424 e8e6e045f06a6a43493f1b50c4f55138 lpia architecture (Low Power Intel Architecture): Size/MD5: 96272 23e8f81d0b3b678abf548d316ad13a8a Size/MD5: 55578 780f0e6fc6accf33b5a0419ddf3930c5 Size/MD5: 63784 18a5b3f566928e63518fc5e2a87fd66e powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 117060 479282ff1ba602eedaf6246770c276fc Size/MD5: 63200 689a7a750b08350be0252dc6ad571b08 Size/MD5: 73604 2d03fa7da4649c06aa3b1d29a6512923 sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 97944 37ecc02c57e7ae4efd708cbb9bfc2d74 Size/MD5: 58200 db71c5e6ad82ffdd119d739904e427d1 Size/MD5: 63088 6513b0bbbc6ec32c2360e05467470b8d . An urgent notice regarding Ubuntu 9.04 highlighting eCryptfs security issues and installation log vulnerabilities. Update immediately!. eCryptfs Privacy Issue, Ubuntu Security Advisory, ecryptfs-utils, Installation Logs, Security Update. . Severity: Critical. LinuxSecurity.com Team
Jun 08, 2009
•Critical
Ubuntu
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!