Local Users Can Corrupt Mtab File in Util-Linux by Mounting
CVE-2011-1676

Currently unrated

Key Information:

Vendor: Linux
Status: Util-linux
Vendor: CVE Published:; 10 April 2011

Summary

The vulnerability exists in util-linux version 2.19 and earlier, where a failure to remove the /etc/mtab.tmp file after an unsuccessful attempt to add a mount entry can lead to local users triggering corruption of the /etc/mtab file. This flaw can potentially result in incorrect file system reporting, which may be exploited by users with local access, leading to operational issues within the system.

References

http://openwall.com/lists/oss-security/2011/03/14/5

mailing-listx_refsource_MLIST

http://openwall.com/lists/oss-security/2011/03/04/9

mailing-listx_refsource_MLIST

http://openwall.com/lists/oss-security/2011/03/22/6

mailing-listx_refsource_MLIST

Timeline

Vulnerability published
Apr 10, 2011
Vulnerability Reserved
Apr 9, 2011