First published: Sun Apr 10 2011(Updated: )
mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Linux | =2.10 | |
Linux | =2.5 | |
Linux | =2.16 | |
Linux | =2.11 | |
Linux | =2.12 | |
Linux | =2.17 | |
Linux | =2.13 | |
Linux | =2.14 | |
Linux | =2.12-pre | |
Linux | =2.2 | |
Linux | <=2.19 | |
Linux | =2.8 | |
Linux | =2.18 | |
Linux | =2.7 | |
Linux | =2.9 | |
Linux | =2.13-pre | |
Linux | =2.15 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2011-1675 is considered a medium severity vulnerability due to the potential for local users to corrupt the /etc/mtab file.
To fix CVE-2011-1675, you should upgrade to util-linux version 2.20 or later.
CVE-2011-1675 affects local users on systems running util-linux versions 2.19 and earlier.
Any Linux system using util-linux mount versions up to 2.19 is vulnerable to CVE-2011-1675.
CVE-2011-1675 does not directly lead to system compromise but allows local users to corrupt critical system files.